---------- Forwarded message ----------
From: coderman <coderman@gmail.com>
Date: Tue, Dec 10, 2013 at 7:12 PM
Subject: Re: [cryptography] Which encryption chips are compromised?

On Tue, Dec 10, 2013 at 4:11 PM, <dan@geer.org> wrote:
> ... For this to be an explicit line item in that document, it has to be special. The two classes of "special" that occur to me are (1) XXXXXX has a near monopoly (like Broadcom does in its sector) or (2) XXXXXX is uniquely vulnerable to blackmail (a merchant with an export control problem, say).
you ask interesting questions Dan, and draw useful conclusions :)

some items to note:
- is this DUAL_EC_DRNG? don't think so. deadline is FY 2013.
- is this DUAL_EC_DRNG? the market for closed source, proprietary crypto solutions is small (and growing smaller, :(
- is this XSTORE? it's been a while. but never should have been used directly. see mtrngd with MSR bits set no whitening, max sample, max freq. into mix + conservative estimate before /dev/random write.
But in related news:
Engineers abandon encryption chips after Snowden leaks http://rt.com/usa/snowden-leak-rng-randomness-019/
some cryptographers and cypherpunks have become despondent or dejected or demoralized by these events. i see a larger picture: never before have so many been doing crypto less wrong! ;P
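The "conservative estimate before /dev/random write" point above, as an added example that is not coderman's code or any daemon's: raw hardware RNG bytes are handed to the kernel through the Linux RNDADDENTROPY ioctl with only a fraction of their size credited as entropy. It assumes Linux, a constructed byte array standing in for the hardware samples (a real XSTORE read is hardware-specific), and a hypothetical CREDIT_DIVISOR policy of crediting one bit per eight supplied.

```c
/* Added example: submit raw RNG samples to the kernel pool with a
 * deliberately conservative entropy credit. Not from the thread; the
 * sample bytes here are constructed, and the 1/8 crediting policy is an
 * assumption, not a measured figure for any particular hardware source. */
#include <fcntl.h>
#include <linux/random.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

/* Credit 1 bit of entropy per CREDIT_DIVISOR raw bits supplied (assumed policy). */
#define CREDIT_DIVISOR 8

/* Entropy credit (in bits) we are willing to claim for nbytes of raw sample. */
int conservative_entropy_bits(size_t nbytes) {
    return (int)((nbytes * 8) / CREDIT_DIVISOR);
}

/* Build the rand_pool_info payload the ioctl expects: entropy_count is the
 * conservative credit in bits, buf_size is the sample length in bytes, and
 * buf (a flexible array member) carries the raw sample data itself. */
struct rand_pool_info *build_pool_info(const uint8_t *sample, size_t nbytes) {
    struct rand_pool_info *info = malloc(sizeof(*info) + nbytes);
    if (!info) return NULL;
    info->entropy_count = conservative_entropy_bits(nbytes);
    info->buf_size = (int)nbytes;
    memcpy(info->buf, sample, nbytes);
    return info;
}

/* Hand the sample to the kernel. Needs CAP_SYS_ADMIN; writing the bytes to
 * /dev/random without the ioctl would mix them in but credit nothing.
 * Returns 0 on success, -1 on any failure. */
int add_entropy(const uint8_t *sample, size_t nbytes) {
    struct rand_pool_info *info = build_pool_info(sample, nbytes);
    if (!info) return -1;
    int fd = open("/dev/random", O_WRONLY);
    int rc = (fd < 0) ? -1 : ioctl(fd, RNDADDENTROPY, info);
    if (fd >= 0) close(fd);
    free(info);
    return rc < 0 ? -1 : 0;
}
```

Run add_entropy() as root with real hardware output; unprivileged callers get -1 from the ioctl rather than a silent over-credit.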