On 9/8/2013 2:13 AM, Graham Leggett wrote:
> On 07 Sep 2013, at 11:26 PM, Steve Marquess <marqu...@opensslfoundation.com>
> wrote:
>
>> Note that Dual EC DRBG is *NOT* used by default and a calling
>> application must specifically and deliberately enable it; that cannot be
>> done accidentally. Any application which does so will hopefully be fully
>> aware of the consequences (and probably must do so for
>> policy reasons).
>
> Is the Dual EC DRBG used in any hardware crypto implementations, and if so, how
> would we avoid using those hardware implementations with certainty in OpenSSL?
>
> I'm thinking specifically of the Intel one described here:
> http://spectrum.ieee.org/computing/hardware/behind-intels-new-randomnumber-generator


That new Intel design sounds suspiciously like they are feeding their
high quality hardware random through a 256 bit EC DRBG before allowing
any user code to see it, so if that EC DRBG used is compromised, so are
all the random bits.

Besides, I gave up using Intel-promoted hardware crypto when they removed
the firmware hub RNG just after convincing everybody to add software
support for it.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org