[cryptography] [liberationtech] Random number generation being influenced - rumors

Eugen Leitl eugen at leitl.org
Mon Sep 9 02:54:51 PDT 2013


----- Forwarded message from coderman <coderman at gmail.com> -----

Date: Sun, 8 Sep 2013 22:05:33 -0700
From: coderman <coderman at gmail.com>
To: David Johnston <dj at deadhat.com>
Cc: Discussion of cryptography and related <cryptography at randombit.net>
Subject: Re: [cryptography] [liberationtech] Random number generation being influenced - rumors

On Sun, Sep 8, 2013 at 9:26 PM, David Johnston <dj at deadhat.com> wrote:
> ...
> #1) Maintaining a strong security boundary.
> ...
> #2) FIPS compliance.
> ...
> #3) Robust engineering. [trust us entirely]
> ...
> #4) Software solutions have been a demonstrable failure. [trust us instead]


none of these are compelling reasons to not release raw access to the
entropy stream from hardware noise sources.*

clearly you have done your homework, and the design, _if trusted_, is
a good one. however, denying access to the raw sources prevents any
evaluation that the entropy sources are indeed operating as designed,
and prevents any mode of operation where independent entropy
estimates, mixing, and host/application pool seeding is possible.


and surely you, when considering the point of view of an attacker, can
recognize the immense value of modes (RDRAND, RDSEED) which provide
only the obfuscated output to callers of these instructions.


last but not least, you take these criticisms as personal attack. i
have not seen anyone attack you personally. in fact, you simply do not
have the clearance nor indoctrination to be trusted with such a
backdoor.  as per the leaked documents, early access to these designs
is used to develop backdoors, exploits, and other surreptitious access
available when the product is.


keeping you in the dark, and enjoying your passionate rebuttals to
claims of compromise, is more effective, isn't it?
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
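The "independent entropy estimates, mixing, and host/application pool seeding" mode that coderman's message says opaque RDRAND/RDSEED output rules out can be made concrete with a small constructed example. The Python below is added here for illustration and is not code from the message, the list, or any vendor design: it mixes every source into a hash-chained pool, but only the caller's own entropy estimate for each source counts toward the seeding threshold, so an opaque hardware sample (credited at 0 bits) still contributes but can never by itself make the pool "ready", and an adversary who controls that one source cannot control the output. The `EntropyPool` class, the source names, the sample values and the 256-bit threshold are assumptions for the example.

```python
import hashlib
import os
import struct


class EntropyPool:
    """Constructed illustration of a hash-based entropy pool.

    All sources are mixed in; only credited entropy counts toward readiness.
    """

    def __init__(self, threshold_bits=256):
        # Chaining state is a SHA-256 digest; the init label is arbitrary.
        self.state = hashlib.sha256(b"constructed-pool-init").digest()
        self.credited_bits = 0
        self.threshold_bits = threshold_bits

    def mix(self, source_name, data, credited_bits):
        """Absorb bytes from a named source.

        credited_bits is the host's own (independent) estimate of how much
        entropy this sample carries. An opaque hardware source whose internal
        conditioning cannot be evaluated is mixed with credited_bits=0.
        """
        h = hashlib.sha256()
        h.update(self.state)
        for field in (source_name.encode(), data):
            # length-prefix each field so distinct inputs cannot collide
            h.update(struct.pack(">I", len(field)))
            h.update(field)
        self.state = h.digest()
        self.credited_bits += credited_bits
        return self.credited_bits

    def ready(self):
        return self.credited_bits >= self.threshold_bits

    def extract(self, nbytes):
        """Derive output bytes, then ratchet the state forward."""
        if not self.ready():
            raise RuntimeError("pool not seeded: credited entropy below threshold")
        out = bytearray()
        counter = 0
        while len(out) < nbytes:
            block = b"output" + self.state + struct.pack(">I", counter)
            out += hashlib.sha256(block).digest()
            counter += 1
        # Ratchet so a later state compromise does not reveal earlier output.
        self.state = hashlib.sha256(b"ratchet" + self.state).digest()
        return bytes(out[:nbytes])


def seed_from_sources(hw_sample, os_sample, os_credit=256):
    """Mix an opaque hardware sample (credited 0) with an independently
    credited OS sample. Returns (pool, was_ready_on_hardware_alone)."""
    pool = EntropyPool()
    pool.mix("hw-rng", hw_sample, 0)
    hw_only_ready = pool.ready()
    pool.mix("os-pool", os_sample, os_credit)
    return pool, hw_only_ready


if __name__ == "__main__":
    # Constructed samples: an all-zero hardware output stands in for a
    # source an adversary fully controls; os.urandom supplies the OS sample.
    adversary_hw = bytes(32)
    pool, hw_only = seed_from_sources(adversary_hw, os.urandom(32))
    print("ready on hardware sample alone:", hw_only)   # False
    print("ready after mixing OS sample:", pool.ready())  # True
    print("output:", pool.extract(16).hex())
```

The design point is the split between mixing and crediting: a source you cannot evaluate is still worth mixing in (it can only add entropy), but it is never allowed to satisfy the seeding threshold on its own, which is exactly the evaluation and pooling the message says raw access would allow.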
