[Cryptography] Checking for the inadvertent use of test keys

Tom Mitchell mitch at niftyegg.com
Fri Sep 4 00:07:30 EDT 2015


On Thu, Sep 3, 2015 at 5:09 PM, Ray Dillinger <bear at sonic.net> wrote:

>
>
> On 09/02/2015 11:51 AM, Guus Sliepen wrote:
> > On Wed, Sep 02, 2015 at 07:00:27PM +1200, Peter Gutmann wrote:
> >
> >> What I'm after is a simple safety check to warn about inadvertent use of
> >> predictable sequences that might get used as test keys.  I'm after
> actual
> >> algorithmic tests rather than general advice like "have you looked at
> >> Kolmogorov complexity"...
> >
> > You could algorithmically Google the key and warn when the number of
> > hits is too high.
>
>
> Don't even joke about sending keys off to a third-party who's going
> to have to have them in the clear to provide meaningful results.


 Exactly... that is a perfect example of data flow awareness and secrets.
Things like this cannot be lost or a clever summer intern might....




-- 
  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150903/0d8784f2/attachment.html>


More information about the cryptography mailing list