Weeks after the informal announcement, the Taiwanese National ID smartcard break is finally getting press. It is a great example of a piece of "certified" crypto hardware that works poorly because of bad random number generation.
Good explanation for your technical but not security oriented friends in Ars Technica: http://arstechnica.com/security/2013/09/fatal-crypto-flaw-in-some-government-certified-smartcards-makes-forgery-a-snap/ -- Perry E. Metzger pe...@piermont.com _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography