[Cryptography] RSA recommends against use of its own products.

ianG iang at iang.org
Thu Sep 26 01:21:39 EDT 2013

On 25/09/13 21:12 PM, Jerry Leichter wrote:
> On Sep 25, 2013, at 12:31 PM, ianG <iang at iang.org> wrote:
>> My conclusion is:  avoid all USA, Inc, providers of cryptographic products.
> In favor of ... who?

Ah well, that is the sticky question.  If we accept the conclusion, I 
see these options:

1.  shift to something more open.
2.  use foreign providers.
3.  start writing.
4.  get out of the security game.

> We already know that GCHQ is at least as heavily into this monitoring business as NSA, so British providers are out.  The French ...

Right, scratch the Brits and the French.  Maybe AU, NZ?  I don't know. 
Maybe the Germans / Dutch / Austrians.

> It's a really, really difficult problem.  For deterministic algorithms, in principle, you can sandbox ...

If you are referring to testing a provider's product for leaks, I think 
that's darn near impossible.

(If referring to the platform and things like leakage, that is an 
additional/new scope.)

> For probabilistic algorithms - choosing a random number is, of course, the simplest example - it's much, much harder.  You're pretty much forced to rely on some mathematics and other analysis - testing can't help you much.

As I have said, if you care, you write your own collector/mix/DRBG.  If 
not, then you're happy reading /dev/random.

(for the rest, all agreed.)
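As an added example (not part of ianG's post, and not any project's shipped code), here is the "collector/mix/DRBG" shape the reply refers to, sketched in Python: a length-prefixed SHA-256 mixes several labelled sources into one seed, which instantiates an HMAC_DRBG (NIST SP 800-90A, SHA-256). The source labels and bytes are constructed placeholders so the run is deterministic and offline.

```python
import hashlib
import hmac
# Added example (not from the list post): a minimal "collector/mix/DRBG".
# Mixing = length-prefixed SHA-256 over every source; DRBG = HMAC_DRBG
# (NIST SP 800-90A) with SHA-256. Sources are CONSTRUCTED bytes so the run
# is deterministic and offline; real ones would be /dev/random, a HW RNG, etc.

def mix_sources(sources):
    """Collapse several labelled entropy sources into one 32-byte seed.
    Length-prefixing keeps source boundaries unambiguous in the hash input."""
    h = hashlib.sha256()
    for label, data in sources:
        h.update(len(label).to_bytes(4, "big") + label)
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()

class HmacDrbg:
    """HMAC_DRBG over SHA-256, without the optional personalisation string
    and prediction-resistance flag, so the core state machine stays visible."""
    def __init__(self, seed):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(seed)

    def _hmac(self, key, msg):
        return hmac.new(key, msg, hashlib.sha256).digest()

    def _update(self, provided=b""):  # SP 800-90A HMAC_DRBG_Update
        self.K = self._hmac(self.K, self.V + b"\x00" + provided)
        self.V = self._hmac(self.K, self.V)
        if provided:
            self.K = self._hmac(self.K, self.V + b"\x01" + provided)
            self.V = self._hmac(self.K, self.V)

    def reseed(self, fresh_seed):
        self._update(fresh_seed)

    def generate(self, n):
        out = b""
        while len(out) < n:
            self.V = self._hmac(self.K, self.V)
            out += self.V
        self._update()  # advance state so earlier output can't be rederived from it
        return out[:n]

CONSTRUCTED_SOURCES = [(b"os-random", bytes(range(32))),
                       (b"hw-rng", b"\xaa" * 32), (b"timing-jitter", b"\x01\x02\x03\x04")]
def demo(n=32):
    return HmacDrbg(mix_sources(CONSTRUCTED_SOURCES)).generate(n)
```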