[cryptography] Random number generation influenced, HW RNG

Thor Lancelot Simon tls at panix.com
Sat Sep 7 14:57:04 EDT 2013


On Sat, Sep 07, 2013 at 10:48:02AM -0700, David Johnston wrote:
>
> It interesting to consider the possibilities of corruption and
> deception that may exist in product design. It's a lot more alarming
> when it's your own design that is being accused of having been
> backdoored. Claiming the NSA colluded with intel to backdoor RdRand
> is also to accuse me personally of having colluded with the NSA in
> producing a subverted design. I did not.

Not necessarily; the implementation may have been subverted instead.

It's unfortunate that some have attacked you personally, or if not,
then said things that came awfully close to it.  However, it strikes
me as naive in the extreme to think that what you designed would not
constitute a prime target for tampering of exactly the kind we now
know has gone on.  If it wasn't such a target, either your employer
did something very noble, or someone at the NSA didn't do his or her
job, or the systems containing what you designed had _already_
been compromised in some way that rendered your work much less of
an improvement to security than you intended it to be.

Your employer could help clear this up by publically urging
the news outlets that have redacted the list of companies that took
payments to compromise their own product to confirm whether or
not its own name is on the list.  Or by offering to indemnify its
customers against the effects of any such compromise, with very
specific reference to each of its current products that is in any
way a plausible target for such tampering.  I'm not holding my breath.

Thor


More information about the cryptography mailing list