Re: [cryptography] [liberationtech] Random number generation being influenced - rumors
----- Forwarded message from coderman <coderman@gmail.com> -----

Date: Sun, 8 Sep 2013 22:05:33 -0700
From: coderman <coderman@gmail.com>
To: David Johnston <dj@deadhat.com>
Cc: Discussion of cryptography and related <cryptography@randombit.net>
Subject: Re: [cryptography] [liberationtech] Random number generation being influenced - rumors

On Sun, Sep 8, 2013 at 9:26 PM, David Johnston <dj@deadhat.com> wrote:
> ...
> #1) Maintaining a strong security boundary.
> ...
> #2) FIPS compliance.
> ...
> #3) Robust engineering. [trust us entirely]
> ...
> #4) Software solutions have been a demonstrable failure. [trust us instead]

none of these are compelling reasons to not release raw access to the entropy stream from hardware noise sources.*

clearly you have done your homework, and the design, _if trusted_, is a good one. however, denying access to the raw sources prevents any evaluation that the entropy sources are indeed operating as designed, and prevents any mode of operation where independent entropy estimates, mixing, and host/application pool seeding is possible.

and surely you, when considering the point of view of an attacker, can recognize the immense value of modes (RDRAND, RDSEED) which provide only the obfuscated output to callers of these instructions.

last but not least, you take these criticisms as a personal attack. i have not seen anyone attack you personally. in fact, you simply do not have the clearance nor indoctrination to be trusted with such a backdoor. as per the leaked documents, early access to these designs is used to develop backdoors, exploits, and other surreptitious access available when the product is.

keeping you in the dark, and enjoying your passionate rebuttals to claims of compromise, is more effective, isn't it?

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
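An added illustration of the evaluation gap argued in the message above (example code written for this archive page, not from the thread or from any vendor's design): a simulated raw noise source with a known bias is fed through a hash-based conditioner, a constructed stand-in for a hardware DRNG's conditioning stage, and an SP 800-90B style most-common-value min-entropy estimate is run on both streams. The raw stream exposes the defect; the conditioned output looks full-entropy whatever it was fed, which is why an evaluator needs the raw stream and not only the instruction's output.

```python
import hashlib
import math
import random

RAW_BLOCK = 64  # raw bytes hashed per 32-byte conditioned output (constructed ratio)


def raw_noise_source(n_bytes, p_one=0.9, seed=1234):
    """Constructed stand-in for a degraded hardware noise source: each bit
    is 1 with probability p_one.  Seeded so the demo is reproducible."""
    rng = random.Random(seed)
    out = bytearray()
    for _ in range(n_bytes):
        byte = 0
        for _ in range(8):
            byte = (byte << 1) | (1 if rng.random() < p_one else 0)
        out.append(byte)
    return bytes(out)


def condition(raw):
    """Conditioner stand-in: hash every RAW_BLOCK raw bytes down to 32 bytes.
    Any whitening function behaves the same way for this demo: the output
    looks uniform regardless of how bad the input is."""
    out = bytearray()
    for i in range(0, len(raw) - RAW_BLOCK + 1, RAW_BLOCK):
        out += hashlib.sha256(raw[i:i + RAW_BLOCK]).digest()
    return bytes(out)


def most_common_value_entropy(data):
    """SP 800-90B most-common-value estimate on single bits:
    H_min = -log2(max(p0, p1)).  1.0 bit/bit is unbiased."""
    ones = sum(bin(b).count("1") for b in data)
    total = len(data) * 8
    p_max = max(ones, total - ones) / total
    return -math.log2(p_max)


def compare(n_raw_bytes=65536, p_one=0.9):
    """Estimate min-entropy of the raw stream and of its conditioned output."""
    raw = raw_noise_source(n_raw_bytes, p_one=p_one)
    return {
        "raw": most_common_value_entropy(raw),
        "conditioned": most_common_value_entropy(condition(raw)),
    }


if __name__ == "__main__":
    print(compare())            # raw ~0.15 bit/bit, conditioned ~1.0 bit/bit
    print(compare(p_one=0.5))   # both ~1.0: the conditioned output cannot tell them apart
```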