[Cryptography] [RNG] on RNGs, VM state, rollback, etc.
James A. Donald
jamesd at echeque.com
Sun Oct 20 03:59:12 EDT 2013
On 2013-10-20 14:38, Russ Nelson wrote:
> Crypto without a threat model is like cookies without milk.
The threat model is that we are seeing a lot of duplicate factors in
keys, indicating a shortage of randomness, therefore, trying those
common factors will crack a lot of keys.
This is plausibly suspected, but not proven, to be the result of bootup
entropy shortage, that being a known bug. We don't know, however, that
this known bug is causing this known cryptographic weakness.
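The check the threat model above implies, as an added example that is not part of James's post: a defender auditing a collection of RSA public moduli computes pairwise gcds; any gcd above 1 means two keys drew the same prime, both are fully factored, and both must be revoked. The moduli below are constructed from small primes purely so the example runs instantly; the function names are mine, not from any library.

```python
from math import gcd
from itertools import combinations

# Constructed sample: small primes stand in for the large primes a real RSA key uses.
# Keys 0 and 2 share the prime 1009, as happens when two machines draw the same value
# from an entropy-starved RNG at boot; keys 1 and 3 are unrelated to the others.
P_SHARED = 1009
SAMPLE_MODULI = [
    P_SHARED * 1013,   # key 0
    1019 * 1021,       # key 1
    P_SHARED * 1031,   # key 2 (shares a prime with key 0)
    1033 * 1039,       # key 3
]


def find_shared_factors(moduli):
    """Return {(i, j): g} for every pair of moduli whose gcd g is greater than 1.

    g equal to the modulus itself means a duplicated key; otherwise g is one prime of
    both keys and n // g is the other, so both keys are factored.  Pairwise gcd costs
    O(n^2) gcds, which is fine for an audit of one organisation's keys; for very large
    sets a product-tree batch gcd finds the same hits faster.
    """
    hits = {}
    for (i, ni), (j, nj) in combinations(enumerate(moduli), 2):
        g = gcd(ni, nj)
        if g > 1:
            hits[(i, j)] = g
    return hits


def factor_from_shared(n, g):
    """Recover (p, q) of modulus n given a shared factor g, or None for a duplicate."""
    if g == n or n % g != 0:
        return None
    return tuple(sorted((g, n // g)))


def keys_to_revoke(moduli):
    """Indices of every key that shares a factor with (or duplicates) another key."""
    bad = set()
    for i, j in find_shared_factors(moduli):
        bad.update((i, j))
    return sorted(bad)


if __name__ == "__main__":
    for (i, j), g in find_shared_factors(SAMPLE_MODULI).items():
        print(f"keys {i} and {j} share factor {g}: "
              f"{factor_from_shared(SAMPLE_MODULI[i], g)} / "
              f"{factor_from_shared(SAMPLE_MODULI[j], g)}")
    print("revoke:", keys_to_revoke(SAMPLE_MODULI))
```

The audit only needs public keys, so it can be run over a certificate inventory without touching any private material; a non-empty `keys_to_revoke` result is direct evidence of the entropy problem the post describes, independent of whether the boot-time cause is ever confirmed.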