On Thu, Aug 26, 2010 at 11:21:35AM -0500, Nicolas Williams wrote:
> Would it be possible to combine a FIPS 140-2 PRNG with a TRNG such that
> testing and certification could be feasible?
Yes. (assuming you mean FIPS certification).
Use the TRNG to seed the approved PRNG implementation.
> I'm th
Richard Salz writes:
> A really knowledgeable net-head told me the other day that the problem
> with SSL/TLS is that it has too many round-trips. In fact, the RTT costs
> are now more prohibitive than the crypto costs. I was quite surprised to
> hear this; he was stunned to find it out.
Cryptog
Peter Gutmann asked..
>
> Has anyone published any figures for this, CPU speed vs. network latency vs.
> delay for crypto and the network?
there's this (by Adam Langley)..
Overclocking SSL
http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
..but it doesn't appear to have (yet) the
Nicolas Williams wrote:
On Thu, Aug 26, 2010 at 06:25:55AM -0400, Jerry Leichter wrote:
On Aug 25, 2010, at 4:37 PM,
travis+ml-cryptogra...@subspacefield.org wrote:
I also wanted to double-check these answers before I included them:
1) Is Linux /dev/{u,}random FIPS 140 certified?
No, because F
>
> 3) Is determinism a good idea?
> See Debian OpenSSL fiasco. I have heard Nevada gaming commission
> regulations require non-determinism for obvious reasons.
>
The Nevada rules don't convincingly demand non determinism. They do say
things that probably unintentionally exclude non determinism.
On Thu, Aug 26, 2010 at 12:13:06PM -0400, Perry E. Metzger wrote:
> It is difficult to validate that a hardware RNG is working
> correctly. How do you know the bits being put off aren't skewed
> somehow by a manufacturing defect? How do you know that damage in the
> field won't cause the RNG to bec
On 08/25/2010 10:40 PM, James A. Donald wrote:
This is inherent in the layering approach - inherent in our current crypto
architecture.
one of the things ran into the (ISO chartered) ANSI X3S3.3 (responsible for
standards related to OSI level3 & level4) meetings with regard to standardization
On Thu, Aug 26, 2010 at 06:24:26PM +0300, Alexander Klimov wrote:
> I guess you misinterpret it. In no place 140-2 "does not allow
> TRNG".
On closer reading, I guess that's true. Annex C, "Approved Random
Number Generators", claims that no TRNGs have been approved, but
that's not the same as say
On Thu, Aug 26, 2010 at 06:25:55AM -0400, Jerry Leichter wrote:
> On Aug 25, 2010, at 4:37 PM,
> travis+ml-cryptogra...@subspacefield.org wrote:
> >
> >I also wanted to double-check these answers before I included them:
> >
> >1) Is Linux /dev/{u,}random FIPS 140 certified?
> >No, because FIPS 140-
On Thu, 26 Aug 2010, d...@geer.org wrote:
> as previously mentioned, somewhere back behind everything else ... there
> is strong financial motivation in the sale of the SSL domain name digital
> certificates.
>
While I am *not* arguing that point, per se, if having a
better solution would requi
On 08/26/2010 06:38 AM, d...@geer.org wrote:
While I am *not* arguing that point, per se, if having a
better solution would require, or would have required, no
more investment than the accumulated profits in the sale
of SSL domain name certs, we could have solved this by now.
the profit from sa
On Thu, 26 Aug 2010 08:14:26 -0700
travis+ml-cryptogra...@subspacefield.org wrote:
> On Thu, Aug 26, 2010 at 06:25:55AM -0400, Jerry Leichter wrote:
> > [F]IPS doesn't tell you how to *seed* your deterministic
> > generator. In effect, a FIPS-compliant generator has the
> > property that if you st
* James A. Donald:
> Every time you layer one communication protocol on top of another, you
> get another round trip.
In this generality, this is not true at all. You're confusing
handshakes with protocol layering. You can do the latter without the
former. For example, DNS uses UDP without int
On Wed, 25 Aug 2010 travis+ml-cryptogra...@subspacefield.org wrote:
> No, because FIPS 140-2 does not allow TRNGs (what they call
> non-deterministic).
> I couldn't tell if FIPS 140-1 allowed it, but FIPS 140-2 supersedes FIPS
> 140-1.
> I assume they don't allow non-determinism because it makes
On Thu, Aug 26, 2010 at 06:25:55AM -0400, Jerry Leichter wrote:
> [F]IPS doesn't tell you how to *seed* your deterministic generator. In
> effect, a FIPS-compliant generator has the property that if you start it
> with an unpredictable seed, it will produce unpredictable values.
That brings
travis+ml-cryptogra...@subspacefield.org wrote:
Hey all,
I also wanted to double-check these answers before I included them:
3) Is determinism a good idea?
See Debian OpenSSL fiasco. I have heard Nevada gaming commission
regulations require non-determinism for obvious reasons.
Do those sou
On 25/08/10 11:04 PM, Richard Salz wrote:
A really knowledgeable net-head told me the other day that the problem
with SSL/TLS is that it has too many round-trips. In fact, the RTT costs
are now more prohibitive than the crypto costs. I was quite surprised to
hear this; he was stunned to find it
From http://lwn.net/Articles/400913/
Transport-level encryption with Tcpcrypt
By Jake Edge
August 25, 2010
It has been said that the US National Security Agency (NSA) blocked the
implementation of encryption in the TCP/IP protocol for the original
ARPANET, because it wanted to be able to listen
>
> as previously mentioned, somewhere back behind everything else ... there
> is strong financial motivation in the sale of the SSL domain name digital
> certificates.
>
While I am *not* arguing that point, per se, if having a
better solution would require, or would have required, no
more
On Aug 25, 2010, at 4:37 PM, travis+ml-cryptogra...@subspacefield.org
wrote:
I also wanted to double-check these answers before I included them:
1) Is Linux /dev/{u,}random FIPS 140 certified?
No, because FIPS 140-2 does not allow TRNGs (what they call non-
deterministic). I couldn't tell if
On Thu, Aug 26, 2010 at 12:40:04PM +1000, James A. Donald wrote:
> On 2010-08-25 11:04 PM, Richard Salz wrote:
> >>Also, note that HSTS is presently specific to HTTP. One could imagine
> >>expressing a more generic "STS" policy for an entire site
> >
> >A really knowledgeable net-head told me the o
On Aug 25, 2010, at 4:37 16PM, travis+ml-cryptogra...@subspacefield.org wrote:
>
> 3) Is determinism a good idea?
> See Debian OpenSSL fiasco. I have heard Nevada gaming commission
> regulations require non-determinism for obvious reasons.
It's worth noting that the issue of determinism vs. no