[Cryptography] Mac OS 10.7.5 Random Numbers
Bill Frantz
frantz at pwpconsult.com
Mon Feb 3 00:44:10 EST 2014
On 2/2/14 at 9:34 PM, agr at me.com (Arnold Reinhold) wrote:
>Based on the Darwin source code posted at the xnu project,
>Apple uses the SHA1 version of Yarrow with the 1999 source code
>from Counterpane essentially unchanged. This gives them a
>160-bit secret state. An obvious improvement would be to switch
>to SHA2 or SHA3 with a 256 or 512 bit state, but the Apple
>source contains this warning:
>
>"THIS FILE IS NEEDED TO PASS FIPS ACCEPTANCE FOR THE RANDOM NUMBER GENERATOR.
>IF YOU ALTER IT IN ANY WAY, WE WILL NEED TO GO THOUGH FIPS ACCEPTANCE AGAIN,
>AN OPERATION THAT IS VERY EXPENSIVE AND TIME CONSUMING. IN OTHER WORDS,
>DON'T MESS WITH THIS FILE."
>
Adding yet more evidence that FIPS standards work against
improved security. I wonder how much NSA advice had to do with
this situation.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz        | Privacy is dead, get over it. | Periwinkle
(408)356-8506      | - Scott McNealy               | 16345 Englewood Ave
www.pwpconsult.com |                               | Los Gatos, CA 95032
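As an added illustration, not code from this thread or from Apple's xnu source, here is a simplified Yarrow-style generator in Python in which the entropy pool and the generator key are each exactly one hash digest wide, so swapping the hash from SHA-1 to SHA-256 is what widens the secret state from 160 to 256 bits. It keeps the hash-based pool, reseed and gate steps of the design but replaces Yarrow-160's Triple-DES counter-mode output stage with a hash of key and counter; the class and function names are invented for this example.

```python
import hashlib
import struct


class YarrowLite:
    """Simplified Yarrow-style PRNG (hypothetical teaching code, not Apple's
    or Counterpane's implementation). The pool and the generator key are one
    digest wide: 160 bits with sha1, 256 bits with sha256."""

    def __init__(self, hash_name="sha1", gate_interval=10):
        self.hash_name = hash_name
        self.digest_size = hashlib.new(hash_name).digest_size
        self.pool = hashlib.new(hash_name)  # running hash of collected samples
        self.key = None                     # generator key, set by reseed()
        self.counter = 0
        self.gate_interval = gate_interval  # blocks emitted between re-keys
        self.outputs_since_gate = 0

    def add_entropy(self, sample: bytes) -> None:
        # Entropy is accumulated by hashing, so the pool never exceeds one digest.
        self.pool.update(sample)

    def reseed(self) -> None:
        # New key = H(old key || pool digest); the pool restarts from the new key.
        old = self.key or b"\x00" * self.digest_size
        self.key = hashlib.new(self.hash_name, old + self.pool.digest()).digest()
        self.pool = hashlib.new(self.hash_name, self.key)
        self.counter = 0
        self.outputs_since_gate = 0

    def _block(self) -> bytes:
        # Output stage: H(key || counter) stands in for Yarrow-160's 3DES-CTR.
        self.counter += 1
        return hashlib.new(self.hash_name,
                           self.key + struct.pack(">Q", self.counter)).digest()

    def _gate(self) -> None:
        # Gate: derive a fresh key from an unreleased block so that a later key
        # compromise does not reveal outputs produced before the gate.
        self.key = self._block()
        self.outputs_since_gate = 0

    def random_bytes(self, n: int) -> bytes:
        if self.key is None:
            raise RuntimeError("generator has not been seeded")
        out = bytearray()
        while len(out) < n:
            out += self._block()
            self.outputs_since_gate += 1
            if self.outputs_since_gate >= self.gate_interval:
                self._gate()
        return bytes(out[:n])


def secret_state_bits(hash_name: str) -> int:
    """Width of the generator's secret state for a given hash."""
    return YarrowLite(hash_name).digest_size * 8
```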