[cryptography] Design Strategies for Defending against Backdoors
coderman at gmail.com
Mon Nov 18 03:47:21 EST 2013
On Sun, Nov 17, 2013 at 11:27 PM, ianG <iang at iang.org> wrote:
> In the Crypto-Gram sent over the weekend, Bruce Schneier talks about how to
> design protocols to stop backdoors. Comments?
>
> All random number generators should conform to published and accepted
> standards. Breaking the random number generator is the easiest
> difficult-to-detect method of subverting an encryption system. A corollary:
> we need better published and accepted RNG standards.
Intel still has not released raw access to their entropy sources;
RDRAND and RDSEED both passing through the conditioner (AES-CBC-MAC),
RDRAND also munged via AES CTR_DRBG (per NIST).
anything less than raw access to the entropy source samples inspires
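
The point about conditioned output in the message above, as an added example that is not part of the original post: statistics measured after a conditioner say nothing about the raw source feeding it. Assumptions: SHA-256 stands in for the AES-CBC-MAC conditioner, the raw source is a constructed one whose bits are 1 only 1% of the time, the 64-byte-in to 32-byte-out ratio is arbitrary, and all function names are hypothetical.

```python
import hashlib
import math
import random
from collections import Counter

BLOCK = 64  # raw bytes fed to the conditioner per 32-byte output (assumed ratio)

def raw_source(n_bytes, p_one, seed=1):
    """Constructed weak source: every bit is 1 with probability p_one."""
    rng = random.Random(seed)  # seeded so the run is reproducible
    return bytes(
        sum(int(rng.random() < p_one) << k for k in range(8))
        for _ in range(n_bytes)
    )

def condition(raw):
    """Stand-in conditioner: SHA-256 per block instead of AES-CBC-MAC."""
    return b"".join(
        hashlib.sha256(raw[i:i + BLOCK]).digest()
        for i in range(0, len(raw), BLOCK)
    )

def ones_fraction(data):
    """Monobit statistic: share of 1 bits (0.5 looks ideal)."""
    return sum(bin(b).count("1") for b in data) / (8 * len(data))

def byte_entropy(data):
    """Shannon entropy estimate in bits per byte (8.0 looks ideal)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def true_bits_per_output(p_one):
    """Entropy actually entering each 256-bit output block."""
    h = -(p_one * math.log2(p_one) + (1 - p_one) * math.log2(1 - p_one))
    return 8 * BLOCK * h

def compare(p_one=0.01, n_bytes=65536):
    """Measure the same statistics before and after conditioning."""
    raw = raw_source(n_bytes, p_one)
    out = condition(raw)
    return {
        "raw_ones": ones_fraction(raw), "out_ones": ones_fraction(out),
        "raw_entropy": byte_entropy(raw), "out_entropy": byte_entropy(out),
        "true_bits_per_256": true_bits_per_output(p_one),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:>18}: {value:.3f}")
```

The conditioned stream passes both checks while each 256-bit block carries only about 41 bits of entropy, a shortfall that is visible only in the raw samples.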