Re: [pfSense] Crypto/RNG Suggestions

On 2013-10-10 22:21, Eugen Leitl wrote:

----- Forwarded message from Jim Pingle -----

I haven't yet seen anything conclusive. People have called into question some or all of ECC, NSA's suggested Suite B, and so on. I put some links in a previous message[1]. If anyone knows of some solid research showing specific ciphers have been compromised, I'd love to see it so we can inform users.

There is a smoking gun on one of random number generators. There is strong circumstantial evidence, reason for suspicion, on suggested Suite B. AES and SHA look to be fine, but using them gives the appearance to end users that you might be playing footsie with NIST. Jon Callas has therefore made Twofish and Skein the default for silent circle.