On Sat, Jul 13, 2013 at 4:32 PM, Peter Gutmann <[email protected]> wrote:
>
> William Yager <[email protected]> writes:
>
> >no cryptographer ever got hurt by being too paranoid, and not trusting your
> >hardware is a great place to start.
>
> And while you're lying awake at night worrying whether the Men in Black have
> backdoored the CPU in your laptop, you're missing the fact that the software
> that's using the random numbers has 36 different buffer overflows, of which 27
> are remote-exploitable, and the crypto uses an RSA exponent of 1 and AES-CTR
> with a fixed IV.

A good point, of course. So what should everyone do?

> Peter.

--
Noon Silk
