[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

William Yager will.yager at gmail.com
Sat Jul 13 02:40:14 EDT 2013


It's nice that you can be so cavalier about this, but if your system's RNG is fundamentally broken, it doesn't really matter so much whether your other stuff is well-programmed or not. At least if my web browser is remotely exploitable, it doesn't break my disk encryption software, GPG, SSH, every other web browser I'm using, and pretty much every crypto appliance on my machine.

I'd rather have a rickety shed built on solid ground than a castle built on quicksand.

On Jul 12, 2013, at 11:32 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:

> William Yager <will.yager at gmail.com> writes:
> 
>> no cryptographer ever got hurt by being too paranoid, and not trusting your
>> hardware is a great place to start.
> 
> And while you're lying awake at night worrying whether the Men in Black have
> backdoored the CPU in your laptop, you're missing the fact that the software
> that's using the random numbers has 36 different buffer overflows, of which 27
> are remote-exploitable, and the crypto uses an RSA exponent of 1 and AES-CTR
> with a fixed IV.
> 
> Peter.
> 



More information about the cryptography mailing list