[cryptography] Which encryption chips are compromised?

coderman coderman at gmail.com
Tue Dec 10 22:12:04 EST 2013


On Tue, Dec 10, 2013 at 4:11 PM,  <dan at geer.org> wrote:
> ...
> For this to be an explicit line item in that document, it
> has to be special.  The two classes of "special" that occur
> to me are (1) XXXXXX has a near monopoly (like Broadcom
> does in its sector) or (2) XXXXXX is uniquely vulnerable to
> blackmail (a merchant with an export control problem, say).

you ask interesting questions Dan, and draw useful conclusions :)

some items to note:
- is this DUAL_EC_DRNG? don't think so. deadline is FY 2013.
- is this DUAL_EC_DRNG? the market for closed source, proprietary
crypto solutions is small (and growing smaller, :(
- is this XSTORE? it's been a while. but never should have been used
directly. see mtrngd with MSR bits set no whitening, max sample, max
freq. into mix + conservative estimate before /dev/random write.



> But in related news:
>
> Engineers abandon encryption chips after Snowden leaks
> http://rt.com/usa/snowden-leak-rng-randomness-019/

some cryptographers and cypherpunks have become despondent or dejected
or demoralized by these events.

i see a larger picture: never before have so many been doing crypto less wrong!

;P



best regards,
  cross post from cpunks list to save cert for https://peertech.org/ with sha256
  C6:5E:C0:43:56:84:2E:11:A3:35:C8:AC:A9:70:96:7B:A5:2E:5B:77
  from godaddy with their ident
  keyid:40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE
  i'm not going to replace cert until jan2014 unless "... it went bad
from there".


More information about the cryptography mailing list