On 9/8/2013 4:27 AM, Eugen Leitl wrote:
- Forwarded message from James A. Donald jam...@echeque.com -
Date: Sun, 08 Sep 2013 08:34:53 +1000
From: James A. Donald jam...@echeque.com
To: cryptogra...@randombit.net
Subject: Re: [cryptography] Random number generation influenced, HW RNG
would you care to explain the very strange design decision
to whiten the numbers on chip, and not provide direct
access to the raw unwhitened output.
On 2013-09-09 2:40 PM, David Johnston wrote:
#1 So that that state remains secret from things trying to discern that
state
for purposes of predicting past or future outputs of the DRBG.
#2 So that one thread cannot undermine a second thread by putting the
DRNG into a broken mode. There is only one
There are basically two ways your RNG can be cooked:
a. It generates predictable values. Any good cryptographic PRNG will do this
if seeded by an attacker. Any crypto PRNG seeded with too little entropy can
also do this.
b. It leaks its internal state in its output in some encrypted way.
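The two failure modes listed above, shown as an added example that is not part of the original thread and is not Intel's or anyone's real DRNG: a toy hash-based DRBG (not SP 800-90A), first seeded with only 16 bits of entropy so the seed space can be enumerated (mode a), then a "cooked" variant whose every output is the current state encrypted under a key only the designer holds (mode b). The DRBG construction, the weak seed, and the designer key are all constructed for illustration.

```python
"""Toy demonstration of the two ways a DRBG can be 'cooked'.

Constructed example: the DRBG below is illustrative, not SP 800-90A and
not any vendor's design. Seeds and the designer key are made up.
"""
import hashlib
import hmac
from typing import Optional


def _h(tag: bytes, *parts: bytes) -> bytes:
    """Domain-separated SHA-256 over the concatenated parts."""
    return hashlib.sha256(tag + b"".join(parts)).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class HashDRBG:
    """Honest toy DRBG: output = H(state || counter), then the state is ratcheted.

    Without the seed, an observer gets no handle on `state` from the outputs.
    """

    def __init__(self, seed: bytes) -> None:
        self.state = _h(b"seed", seed)
        self.counter = 0

    def generate(self) -> bytes:
        out = _h(b"out", self.state, self.counter.to_bytes(8, "big"))
        self.counter += 1
        self.state = _h(b"next", self.state)  # ratchet: old state not recoverable from new
        return out


class LeakyDRBG(HashDRBG):
    """Cooked variant (mode b): each output is the current state XORed with a
    keystream derived from a key only the designer knows. To anyone without the
    key the outputs still look random; to the designer they are the state."""

    def __init__(self, seed: bytes, designer_key: bytes) -> None:
        super().__init__(seed)
        self._k = designer_key

    def generate(self) -> bytes:
        pad = hmac.new(self._k, self.counter.to_bytes(8, "big"), hashlib.sha256).digest()
        out = _xor(self.state, pad)
        self.counter += 1
        self.state = _h(b"next", self.state)
        return out


def brute_force_seed(first_output: bytes, seed_bits: int) -> Optional[int]:
    """Mode a: too little entropy. Enumerate every seed and match the first output."""
    for cand in range(1 << seed_bits):
        if HashDRBG(cand.to_bytes(4, "big")).generate() == first_output:
            return cand
    return None


def predict_after_brute_force(first_output: bytes, seed_bits: int) -> Optional[bytes]:
    """Recover the seed from one observed block, then replay the DRBG to get the next block."""
    cand = brute_force_seed(first_output, seed_bits)
    if cand is None:
        return None
    g = HashDRBG(cand.to_bytes(4, "big"))
    g.generate()          # skip the block we already saw
    return g.generate()   # this is the victim's next block


def designer_predict_next(observed: bytes, index: int, designer_key: bytes) -> bytes:
    """Mode b: the key holder decrypts output #index to the state, ratchets it,
    and re-encrypts to obtain output #index+1 before the victim produces it."""
    pad = hmac.new(designer_key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    state = _xor(observed, pad)
    next_state = _h(b"next", state)
    next_pad = hmac.new(designer_key, (index + 1).to_bytes(8, "big"), hashlib.sha256).digest()
    return _xor(next_state, next_pad)


def demo() -> dict:
    # (a) honest DRBG, but seeded with only 16 bits of entropy (constructed).
    weak_seed = 0xBEEF
    victim = HashDRBG(weak_seed.to_bytes(4, "big"))
    first, second = victim.generate(), victim.generate()
    predicted = predict_after_brute_force(first, 16)

    # (b) leaky DRBG with a full-strength seed: enumeration is hopeless,
    # but the designer key turns one observed output into the next one.
    key = b"designer-only-key (constructed)"
    leaky = LeakyDRBG(bytes(range(32)), key)
    obs0, obs1 = leaky.generate(), leaky.generate()

    return {
        "low_entropy_predicted": predicted == second,
        "leaky_predicted": designer_predict_next(obs0, 0, key) == obs1,
    }


if __name__ == "__main__":
    print(demo())
```

Both attacks succeed against a generator whose output passes every statistical test, which is the point: the outputs of `LeakyDRBG` are a PRF keystream XORed into a hash-derived state, so no amount of looking at the bits distinguishes it from the honest `HashDRBG`; only knowledge of the seed (mode a) or of the designer key (mode b) does.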
On 09/08/2013 04:27 AM, Eugen Leitl wrote:
On 2013-09-08 3:48 AM, David Johnston wrote:
Claiming the NSA colluded with Intel to backdoor RdRand is also to
accuse me personally of having colluded with the NSA in producing a
subverted design. I did not.
Well, since you personally did this,
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sep 7, 2013, at 8:06 PM, John Kelsey crypto@gmail.com wrote:
- Forwarded message from Thor Lancelot Simon t...@panix.com -
Date: Sat, 7 Sep 2013 15:36:33 -0400
From: Thor Lancelot Simon t...@panix.com
To: Eugen Leitl eu...@leitl.org
Cc: cryptogra...@randombit.net
Subject: Re: [cryptography] Random number generation influenced, HW RNG