[Cryptography] ideas for (long) Nothing up my sleeve numbers

ianG iang at iang.org
Mon Mar 31 21:06:50 EDT 2014

On 01/04/2014 23:44 pm, Barney Wolff wrote:
> On Mon, Mar 31, 2014 at 12:09:42PM -0700, Bear wrote:
>> If you want "nothing up my sleeve" numbers start with a source that 
>> has long been published and do a simple repeatable manipulation to it.  

In some sense, the NIST document for Dual_EC was long published... but
not queried on the day it seems.  It is worth reading the new paper on
how they minded your Ps and Qs:


Fascinating how the authors had to reverse-engineer the hardcoded params
in binary libraries in order to change the defaults...

> I think somebody else said it, more or less, but the only foolproof
> technique to put you above suspicion is to publish your method and
> choice of a data seed you cannot predict or control, such as the closing
> prices of the S&P500 stocks tomorrow, in a specified order and encoding.

Wait!  That's not foolproof, it won't work for Goldman-Sachs or JP Morgan.


ps; couldn't resist, it is the day for it ;)

More information about the cryptography mailing list