[cryptography] /dev/random is not robust

Florian Weimer fw at deneb.enyo.de
Wed Oct 16 04:12:35 EDT 2013


> http://eprint.iacr.org/2013/338.pdf

Isn't this straight from the crypto paper construction kit?  Make up
some criterion, show that a popular primitive or implementation lacks
it, demonstrate that a new construction has it.  Talk about the
"standard model".  Do not provide any explicit bounds.


More information about the cryptography mailing list