Re: NIST recommendations for PRNGs

2006-07-25 Thread Max A.

On 6/14/06, Perry E. Metzger [EMAIL PROTECTED] wrote:


via Bruce Schneier's blog:

http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90_DRBG_June2006.pdf


It was updated June 30 to the final version:

http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90_DRBG-June2006-final.pdf

Max

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Crypto to defend chip IP: snake oil or good idea?

2006-07-25 Thread Perry E. Metzger

EE Times is carrying the following story:

http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=190900759

It is about attempts to use cryptography to protect chip designs from
untrustworthy fabrication facilities, including a technology from
Certicom.

Unlike ordinary DRM, which I think can largely work in so far as it
merely provides a (low) barrier to stop otherwise honest people from
copying something they find inexpensive in the first place, it seems
to me that efforts like this are doomed.

It is one thing if you're just trying to keep most people honest about
something that doesn't cost much money, and another if you're trying
to protect something worth millions of dollars from people with
extremely sophisticated reverse engineering equipment. In particular,
people who operate fabs are also in possession of exquisitely good
equipment for analyzing the chips they've made so they can figure out
process problems, and the key injection equipment Certicom is making
could easily be suborned as well.

I'd be interested in other people's thoughts on this. Can you use DRM
to protect something worth not eight dollars but eight million?

-- 
Perry E. Metzger[EMAIL PROTECTED]

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]