On 15.08.2013 16:25, Eugen Leitl wrote:
----- Forwarded message from Maxim Kammerer <[email protected]> -----
Date: Thu, 15 Aug 2013 15:38:56 +0300
From: Maxim Kammerer <[email protected]>
To: liberationtech <[email protected]>
Subject: Re: [liberationtech] Google confirms critical Android crypto flaw
Reply-To: liberationtech <[email protected]>
On Thu, Aug 15, 2013 at 2:34 PM, Nathan of Guardian
<[email protected]> wrote:
The best description is here:
http://armoredbarista.blogspot.ch/2013/03/randomly-failed-weaknesses-in-java.html
Unbelievable… It seems that PRNG implementers suffer from NIH
syndrome. If you are going to use /dev/urandom, then use it all the
time, and rely on code that's reviewed and maintained by thousands of
kernel people, not just your favorite buggy seeded PRNG du jour.
Or, if you decide to roll your own, at LEAST read Peter Gutmann's 1998
Usenix Security paper on the topic [1] or read the respective chapter in
his book [2].
Stephan
[1] http://www.cs.auckland.ac.nz/~pgut001/pubs/usenix98.pdf
[2] Peter Gutmann, Cryptographic Security Architecture, Springer Verlag,
2004.
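The following is an added illustration of the point made in the thread above; it is not code from the thread, from the linked blog post, or from any of the people quoted. It constructs a toy scenario in Python: many independent process starts each seed their own userspace PRNG from a source carrying only a few bits of entropy (here `random.Random` stands in for any deterministic seeded generator, and the weak seed is simulated by masking `os.urandom` output down to `seed_bits`), then draw one 128-bit value. The alternative path reads `os.urandom` (the kernel pool) on every draw. Counting repeated 128-bit values shows why "use /dev/urandom all the time" matters: the seeded path produces duplicate keys or nonces across processes, the kernel-pool path does not.

```python
"""Added illustration (not from the thread): a userspace PRNG seeded from a
low-entropy source versus reading the kernel pool on every draw.

Constructed scenario: `processes` independent process starts each seed a fresh
PRNG from a seed with only `seed_bits` bits of entropy and take their first
128 bits. The comparison path calls os.urandom(16) directly each time.
"""
import os
import random
from collections import Counter


def weak_seed(seed_bits: int) -> int:
    """Constructed stand-in for a poor seed source: only `seed_bits` bits vary."""
    return int.from_bytes(os.urandom(8), "big") & ((1 << seed_bits) - 1)


def value_from_seeded_prng(seed_bits: int) -> bytes:
    """One simulated process: seed a fresh deterministic PRNG from the weak seed
    and take 16 bytes. Two processes with the same seed get the same bytes."""
    prng = random.Random(weak_seed(seed_bits))
    return prng.getrandbits(128).to_bytes(16, "big")


def value_from_kernel_pool() -> bytes:
    """The recommended pattern: read the kernel CSPRNG on every draw."""
    return os.urandom(16)


def count_repeats(values) -> int:
    """Number of draws that duplicated an earlier draw (a repeated key/nonce)."""
    counts = Counter(values)
    return sum(c - 1 for c in counts.values() if c > 1)


def simulate(processes: int = 2000, seed_bits: int = 16):
    """Return (repeats with weak seeding, repeats with the kernel pool).

    With 2000 draws over a 16-bit seed space the expected number of repeated
    values is about 2000*1999/2 / 65536 ~ 30, so the weak path repeats almost
    surely; 128-bit values straight from os.urandom do not repeat in practice.
    """
    weak = [value_from_seeded_prng(seed_bits) for _ in range(processes)]
    strong = [value_from_kernel_pool() for _ in range(processes)]
    return count_repeats(weak), count_repeats(strong)


if __name__ == "__main__":
    weak_repeats, strong_repeats = simulate()
    print(f"weakly seeded PRNG: {weak_repeats} repeated 128-bit values out of 2000")
    print(f"os.urandom each call: {strong_repeats} repeated values out of 2000")
```

The seed space size is the whole story: once the seed is small, no amount of quality in the generator's output function helps, because distinct processes are walking the same few thousand streams. Reading the kernel pool per draw sidesteps the question of how well each process was seeded.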