<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:DontUseAdvancedTypographyReadingMail/>
<w:DontUseJustificationAdvancedTypographyReadingMail/>
<w:DontUseHyphenationAdvancedTypographyReadingMail/>
</w:WordDocument>
</xml><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Aptos;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Aptos",serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=EN-US link=blue vlink=purple style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal><span style='font-family:"Aptos",serif'>Thank you both Steven and Jason, I have added all five of your references about NIST’s Dual EC pseudorandom number generator at:<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><a href="https://cryptosystemsjournal.com/curated-cryptology-compendium.html#dual-ec-drbg">https://cryptosystemsjournal.com/curated-cryptology-compendium.html#dual-ec-drbg</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'>Also thanks to Ralf Senderek for recommended adding: “Security Engineering”, a Turing Award Lecture, and a Dan Boneh paper.<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'>Our compendium has now grown to 410 downloadable PDF’s (29,123 pages) & more.<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><a href="https://cryptosystemsjournal.com/curated-cryptology-compendium.html">https://cryptosystemsjournal.com/curated-cryptology-compendium.html</a><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'>For those who have not yet visited, the Table of Contents contains these sections:<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><table class=MsoTableGrid border=1 cellspacing=0 cellpadding=0 style='background:#D9F2D0;border-collapse:collapse;border:none'><tr><td width=312 valign=top style='width:233.75pt;border:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt'><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Highly Recommended</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Foundational Papers</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Mathematical Cryptography</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Cryptanalysis & Attack Methodologies</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Dual EC pseudorandom number generator</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Randomness, Entropy, and Statistical Testing</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Zero-Knowledge Proofs & Interactive Systems</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Side-Channel Analysis & Hardware Attacks</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Secret Sharing: The Threshold of Trust</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Steganography & Covert Communications</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Network Anonymity & Traffic Analysis</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p></td><td width=312 valign=top style='width:233.75pt;border:solid windowtext 1.0pt;border-left:none;padding:0in 5.4pt 0in 5.4pt'><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>First Crypto War (1977-1999)</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Bletchley Park WWII Reports </span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA Modern Publications</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA Declassified Manuals & Books</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA Vietnam</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA-Snowden</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA Special Research Histories (SRH)</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA Internal Periodicals & Technical Journals</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA CryptoComics</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NSA/CCH Calendars</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>NIST Technical Standards</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p></td><td width=312 valign=top style='width:233.75pt;border:solid windowtext 1.0pt;border-left:none;padding:0in 5.4pt 0in 5.4pt'><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Cryptographic Mailing Lists & Communities</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Expert Cryptographer's Blogs</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Quantum & Post-Quantum</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Encryption Products</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Foundational Cryptographic Patents</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif;color:black'>Books (on Amazon)</span><span style='font-family:"Aptos",serif'><o:p></o:p></span></p></td></tr></table><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'>To reiterate: I welcome suggested additions, to make this the best possible resource for the community.<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'>Tony Patti<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"Aptos",serif'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'>From:</span></b><span style='font-size:11.0pt;font-family:"Calibri",sans-serif'> cryptography <cryptography-bounces+crypto=glassblower.info@metzdowd.com> <b>On Behalf Of </b>Steven M. Bellovin<br><b>Sent:</b> Saturday, January 31, 2026 8:34 AM<br><b>To:</b> Jason Cooper <cryptography@lakedaemon.net><br><b>Cc:</b> Tony Patti <crypto@glassblower.info>; cryptography@metzdowd.com<br><b>Subject:</b> Re: [Cryptography] Curated Cryptology Compendium<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><div><p><span style='font-family:"Arial",sans-serif'>I'd include this Usenix Security paper: <a href="https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/checkoway"><span style='color:#3983C4'>https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/checkoway</span></a> "On the Practical Exploitability of Dual EC in TLS Implementations" and <a href="https://dl.acm.org/citation.cfm?id=2978395"><span style='color:#3983C4'>https://dl.acm.org/citation.cfm?id=2978395</span></a>: A systematic analysis of the Juniper Dual EC incident from ACM SIGSAC.<o:p></o:p></span></p><p><span style='font-family:"Arial",sans-serif'>On 30 Jan 2026, at 9:55, Jason Cooper via cryptography wrote:<o:p></o:p></span></p></div><blockquote style='border:none;border-left:solid #777777 1.5pt;padding:0in 0in 0in 4.0pt;margin-left:0in;margin-right:0in;margin-bottom:3.75pt'><div id=CBDF0F08-250D-40C8-B461-56B942B94739><div><div><p class=MsoNormal style='mso-line-height-alt:.75pt'><span style='font-size:1.0pt;font-family:"Arial",sans-serif;color:white'>Hi Tony! On Wed, Jan 28, 2026 at 04: 45: 27PM -0500, Tony Patti wrote: > I have created a "Curated Cryptology Compendium" at > https: //urldefense. com/v3/__https: //cryptosystemsjournal. com/curated-cryptology-compendium. html__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTMstkyEY$<o:p></o:p></span></p></div><div><p class=MsoNormal style='mso-line-height-alt:.75pt'><span style='font-size:1.0pt;font-family:"Arial",sans-serif;color:white'>ZjQcmQRYFpfptBannerStart<o:p></o:p></span></p></div><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%'><tr><td style='padding:0in 0in 7.5pt 0in'><table class=MsoNormalTable border=1 cellspacing=0 cellpadding=0 width="100%" style='width:100.0%;background:#D0D8DC;border:none;border-top:solid #90A4AE 3.0pt;border-radius:4px'><tr><td valign=top style='border:none;padding:0in 6.0pt 4.5pt 6.0pt'><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left><tr><td style='padding:0in 6.0pt 3.0pt 6.0pt'><p class=MsoNormal style='line-height:15.0pt'><b><span style='font-size:10.5pt;font-family:"Arial",sans-serif;color:black'>This Message Is From an External Sender <o:p></o:p></span></b></p></td></tr><tr><td style='padding:0in 6.0pt 3.0pt 6.0pt'><p class=MsoNormal style='line-height:12.0pt'><span style='font-size:9.0pt;font-family:"Arial",sans-serif;color:black'>This message came from outside your organization. <o:p></o:p></span></p></td></tr></table></td></tr></table></td></tr></table><div><p class=MsoNormal style='mso-line-height-alt:.75pt'><span style='font-size:1.0pt;font-family:"Arial",sans-serif;color:white'>ZjQcmQRYFpfptBannerEnd<o:p></o:p></span></p></div><pre style='white-space:pre-wrap'><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>Hi Tony!<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>On Wed, Jan 28, 2026 at 04:45:27PM -0500, Tony Patti wrote:<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> I have created a "Curated Cryptology Compendium" at<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> <a href="https://urldefense.com/v3/__https:/cryptosystemsjournal.com/curated-cryptology-compendium.html__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTMstkyEY$">https://urldefense.com/v3/__https://cryptosystemsjournal.com/curated-cryptology-compendium.html__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTMstkyEY$</a> <o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>...<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> I intend this to be a living project, and I'd appreciate feedback -- if you<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> have additions or corrections, let's make this the best resource possible<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> for the community!<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>Just spotted something missing, Dual-EC DRBG compromise. I'm not sure what<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>should be considered a canonical writeup of the incident, but here's a few to<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>get started:<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>Harvard Law Journal, "Dueling over Dual-EC DRBG: The Consequences of Corrupting<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>a Cryptographic Standardization Process"<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><a href="https://urldefense.com/v3/__https:/journals.law.harvard.edu/nsj/wp-content/uploads/sites/82/2022/06/Vol13Iss2_Kostyuk-Landau_Dual-EC-DRGB.pdf__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTcQTfTHo$">https://urldefense.com/v3/__https://journals.law.harvard.edu/nsj/wp-content/uploads/sites/82/2022/06/Vol13Iss2_Kostyuk-Landau_Dual-EC-DRGB.pdf__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTcQTfTHo$</a><o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>IACR, "Dual EC: A Standardized Backdoor"<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><a href="https://urldefense.com/v3/__https:/eprint.iacr.org/2015/767.pdf__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTenMnpzo$">https://urldefense.com/v3/__https://eprint.iacr.org/2015/767.pdf__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTenMnpzo$</a><o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>There's a slew of them, and imo, would be a great addition to the Compendium.<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>And more specifically, The Juniper compromise really shined a light on the<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>Dual-EC DRBG weakness:<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><a href="https://urldefense.com/v3/__https:/finance.yahoo.com/news/juniper-breach-mystery-starts-clear-130016591.html__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTFzxIc4E$">https://urldefense.com/v3/__https://finance.yahoo.com/news/juniper-breach-mystery-starts-clear-130016591.html__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTFzxIc4E$</a><o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>In short, Juniper used Dual-EC DRBG in their VPN gateway. Someone broke in and<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>changed the Q value so the attackers could leverage the backdoor.<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>From the article:<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> In its 2012 probe, Juniper learned that the hackers had stolen a file<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> containing NetScreen’s ScreenOS source code from an engineer’s computer. The<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> company didn’t realize that the hackers returned a short time later, accessed<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> a server where new versions of ScreenOS were prepared before being made<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> available to customers and altered the code, according to the two people<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> involved in the 2015 investigation and the document. The hackers' tweak<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> involved changing the Q value that the NSA algorithm used — the very same<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> vulnerability that Microsoft researchers had identified years earlier. The<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> hack allowed them to potentially bypass customers' encryption and eavesdrop<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>> on their communications.<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>thx,<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><o:p> </o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>Jason.<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>_______________________________________________<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'>The cryptography mailing list<o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><a href="mailto:cryptography@metzdowd.com">cryptography@metzdowd.com</a><o:p></o:p></span></pre><pre><span style='font-size:12.0pt;font-family:"Arial",sans-serif;color:#777777'><a href="https://urldefense.com/v3/__https:/www.metzdowd.com/mailman/listinfo/cryptography__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTExR2Z_E$">https://urldefense.com/v3/__https://www.metzdowd.com/mailman/listinfo/cryptography__;!!BDUfV1Et5lrpZQ!Rz0I4-ZQnm0LsoayhaMlborV0oCKqj3rkvgezed7qHsiYZKCesTmvAUuuVr7dN0CZKjP4pMc3P0073auFgbTExR2Z_E$</a><o:p></o:p></span></pre></div></div></blockquote><div><p class=MsoNormal><span style='font-family:"Arial",sans-serif'><o:p> </o:p></span></p><p><span style='font-family:"Arial",sans-serif'>--Steve Bellovin, <a href="https://www.cs.columbia.edu/~smb"><span style='color:#3983C4'>https://www.cs.columbia.edu/~smb</span></a><o:p></o:p></span></p></div></div></div></body></html>