On Tue, 10 Sep 2013 00:25:20 +0100 Peter Fairbrother
wrote:
> On 09/09/13 23:03, Perry E. Metzger wrote:
>
> >> On Mon, 9 Sep 2013, Daniel wrote:
> >> [...] They are widely used curves and thus a good way to reduce
> >> conspiracy theories that they were chosen in some malicious way
> >> to subve
On 09/09/13 23:03, Perry E. Metzger wrote:
On Mon, 9 Sep 2013, Daniel wrote:
[...] They are widely used curves and thus a good way to reduce
conspiracy theories that they were chosen in some malicious way to
subvert DRBG.
Er, don't we currently have documents from the New York Times and the
G
On Mon, 9 Sep 2013 14:07:58 +0300 Alexander Klimov
wrote:
> On Mon, 9 Sep 2013, Daniel wrote:
> > Is there anyone on the lists qualified in ECC mathematics that can
> > confirm that?
>
> NIST SP 800-90A, Rev 1 says:
>
> The Dual_EC_DRBG requires the specifications of an elliptic curve
> and tw
Forwarded without permission, hence anonymized:
"
Hey, I had a look at SEC2 and the TLS/SSH RFCs. SSH uses secp256/384r1
which has the same parameters as what's in SEC2 which are the same the
parameters as specified in SP800-90 for Dual EC DRBG!
TLS specifies you can use those two curves as well.
On Mon, 9 Sep 2013, Daniel wrote:
> Is there anyone on the lists qualified in ECC mathematics that can
> confirm that?
NIST SP 800-90A, Rev 1 says:
The Dual_EC_DRBG requires the specifications of an elliptic curve and
two points on the elliptic curve. One of the following NIST approved
curv
9. sep. 2013 kl. 10:45 skrev Eugen Leitl :
> Forwarded without permission, hence anonymized:
> "
> Hey, I had a look at SEC2 and the TLS/SSH RFCs. SSH uses secp256/384r1
> which has the same parameters as what's in SEC2 which are the same the
> parameters as specified in SP800-90 for Dual EC DRBG!
