William Yager <[email protected]> writes:

> It's nice that you can be so cavalier about this, but if your system's RNG is
> fundamentally broken, it doesn't really matter so much whether your other
> stuff is well-programmed or not.

Well, I'm not sure what thread you're coming in from, but the current one was about the issue of unnecessary paranoia about MIB's backdooring CPUs (and their RNGs). Good RNG design is an entirely different issue, see e.g. https://www.usenix.org/legacy/publications/library/proceedings/sec98/gutmann.html.

> At least if my web browser is remotely exploitable, it doesn't break my disk
> encryption software, GPG, SSH, every other web browser I'm using, and pretty
> much every crypto appliance on my machine.

If your browser is remotely exploitable then it breaks everything on what used to be your machine.

Peter.

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
