[Cryptography] [RNG] /dev/random initialisation

James A. Donald jamesd at echeque.com
Wed Oct 30 16:32:52 EDT 2013


On 2013-10-30 22:29, ianG wrote:
> Do we see a multi-phase approach here?
>
> 1.  Limit the sources to FIPS-authenticated inputs.
> 2.  Limit the number of sources that can be used.
> 3.  Do a deal with all major suppliers of FIPS-authenticated inputs.
> 4.  Profit.

To restate for the slow-witted.

The prohibition against unauthorized sources of entropy indicates evil 
intent and evil deeds.

No source of entropy can ever be harmful. The worst that can happen is 
that it is entirely predictable to the adversary, in which case it does 
little good, but can never do harm.

Thus banning unauthorized sources of entropy is an obviously stupid move.

Unless, of course, you are the adversary, and expect all authorized 
sources of entropy to be predictable to yourself, but to no one else.






