[cryptography] Intel RNG

dj at deadhat.com dj at deadhat.com
Mon Jun 18 14:57:18 EDT 2012


Indeed. We're confident that the DRNG design is sound, but asking the
world to "trust us, it's a sound design" is unreasonable without us
letting someone independently review it. So being a cryptographic design
that people need some reason to trust before they use it, we opened the
design to a reputable outside firm and paid for and asked for independent
review.

The reviewers get to publish their review. We don't control the text.
That's part of the deal. We run the risk that we look bad if the review
finds bad stuff.

How else could we look credible? Our goal is to remove the issue of bad
random numbers from PCs that lead to the failure of cryposystems. Part of
achieving that is that we have to give people a way to understand why the
random numbers are of cryptographic quality and what that means in
specific terms, like brute force prediction resistance, SP800-90
compliance and effective conditioning of seeds.



>
> A company makes a cryptographic widget that is inherently hard to test or
> validate. They hire a respected outside firm to do a review. What's wrong
> with that? I recommend that everyone do that. Un-reviewed crypto is a
> bane.
>
> Is it the fact that they released their results that bothers you? Or
> perhaps that there may have been problems that CRI found that got fixed?
>
> These also all sound like good things to me.
>
> 	Jon
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Universal 3.2.0 (Build 1672)
> Charset: us-ascii
>
> wj8DBQFP32NnsTedWZOD3gYRAuxbAKCvzWt3/+jKq5VadSBLBo6hfT9L8wCeJT15
> 8e6Ll1xBvXe8IojvRDvksXw=
> =jAzX
> -----END PGP SIGNATURE-----
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>




More information about the cryptography mailing list