[Cryptography] [RNG] /dev/random initialisation

Jerry Leichter leichter at lrw.com
Wed Oct 30 14:09:20 EDT 2013


On Oct 30, 2013, at 8:29 AM, ianG <iang at iang.org> wrote:
> Do we see a multi-phase approach here?
> 
> 1.  Limit the sources to FIPS-authenticated inputs.
> 2.  Limit the number of sources that can be used.
> 3.  Do a deal with all major suppliers of FIPS-authenticated inputs.
> 4.  Profit.
> 
> This is looking like the same multi-pronged strategy that sank DRBG_EC.
Maybe.  Or maybe we just see a misapplied reasonable principle that any input that could affect sensitive data must be authenticated.

"Never attribute to malice what can be explained by incompetence."  One of the really bad things about the NSA's apparent attempts to subvert crypto is that it leads you to question this assertion.  We just have no way of knowing.

                                                        -- Jerry
