John Gilmore wrote:
Crypto hardware that generates random numbers can't be tested in
production in many useful ways. My suggestion would be to XOR a
hardware-generated and a software-generated random number stream. If
one fails, whether by accident, malice, or design, the other will
still
At 03:25 PM 9/30/04 -0700, John Gilmore wrote:
Crypto hardware that generates random numbers can't be tested in
production in many useful ways. My suggestion would be to XOR a
hardware-generated and a software-generated random number stream. If
one fails, whether by accident, malice, or design,
From: John Gilmore [EMAIL PROTECTED]
Sent: Sep 30, 2004 6:25 PM
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: Linux-based wireless mesh suite adds crypto engine support
Crypto hardware that does algorithms can be tested by periodically
comparing its results to a software implementation
- sufficient documentation and really transparent provable details so that
users could trust and verify that the hardware and software were doing what
they claimed to be doing and weren't doing anything evil that they didn't
admit to, such as including backdoors or bad random number
Peter Gutmann wrote:
Tinfoil-hat mode.
Agreed, but some people want to be thorough, or pedantic, or paranoid.
At 04:20 AM 9/30/2004, Jonathan Thornburg wrote:
UNDOCUMENTED_EVIL_WIRETAP_MODE can be just about impossible to spot
without full design oversight. Even for a 3DES chip, where supposedly
On Mon, 27 Sep 2004, Bill Stewart wrote:
[[about the Via crypto sets]]
The hard part is trust - Cryptography Research did a study last year
about the quality of the random number generator, and found that you
get about 0.75 bits of entropy per output bit, or 0.99 if you do
Von Neumann
In the past, there have been two main problems with the Via crypto sets
- availability of convenient software
- sufficient documentation and really transparent provable details
so that users could trust and verify that the hardware and software
were doing what they claimed to be
