[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"
Patrick Mylund Nielsen
cryptography at patrickmylund.com
Sat Jul 13 01:43:49 EDT 2013
On Sat, Jul 13, 2013 at 1:38 AM, William Yager <will.yager at gmail.com> wrote:
> not trusting your hardware is a great place to start.
Heh, might as well just give up. http://cm.bell-labs.com/who/ken/trust.html
(I know what you meant, just couldn't resist.)
> On Fri, Jul 12, 2013 at 7:20 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
>> Nico Williams <nico at cryptonector.com> writes:
>> >I'd like to understand what attacks NSA and friends could mount, with
>> >witting or unwitting cooperation, particularly what attacks that
>> >put civilian (and military!) infrastructure at risk should details of a
>> >backdoor leak to the public, or *worse*, be stolen by an antagonist.
>> Right. How exactly would you backdoor an RNG so (a) it could be
>> used by the NSA when they needed it (e.g. to recover Tor keys), (b) not
>> the security of massive amounts of infrastructure, and (c) be so totally
>> undetectable that there'd be no risk of it causing a s**tstorm that makes
>> $0.5B FDIV bug seem like small change (not to mention the legal issues,
>> this one would have been inserted deliberately, so we're probably talking
>> the-company amounts of liability there).
>> >I'm *not* saying that my wishing is an argument for trusting Intel's RNG
>> >I'm sincerely trying to understand what attacks could conceivably be
>> >through a suitably modified RDRAND with low systemic risk.
>> Being careful is one thing, being needlessly paranoid is quite another.
>> are vast numbers of issues that crypto/security software needs to worry
>> before getting down to "has Intel backdoored their RNG".
>> cryptography mailing list
>> cryptography at randombit.net