Dirk-Willem van Gulik wrote:
I fail to see how you could evaluate this without seeing the code (and
even then - I doubt that one can properly do this -- the ?old? NSA habit
of tweaking your random generated rather than your protocol/algorithm
when they wanted your produced upgraded to export quality - is terribly
effective and very hard to spot).
Or am I missing something ?
I think that, in general, you are correct. However, in the case of NAT
your adversary is not someone who is trying to guess your randomness,
but someone who is trying to sell you their NAT gateway. In this case,
code/silicon inspection probably suffices.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]