[cryptography] Random number generation influenced, HW RNG

Jeffrey Walton noloader at gmail.com
Sat Sep 7 15:45:22 EDT 2013

On Sat, Sep 7, 2013 at 1:48 PM, David Johnston <dj at deadhat.com> wrote:
> On 9/6/2013 2:03 PM, grarpamp wrote:
>> ...
>>> However, I claim that the fear is well founded and should be taken into
>>> account by all threat models.
> It's interesting to consider the possibilities of corruption and deception
> that may exist in product design. It's a lot more alarming when it's your
> own design that is being accused of having been backdoored. Claiming the NSA
> colluded with Intel to backdoor RdRand is also to accuse me personally of
> having colluded with the NSA in producing a subverted design. I did not.
I don't think it was a personal attack.

> A quick googling revealed many such instances of statements to this effect,
> strewn across the internet, based on inferences from the Snowden leaks and
> resulting Guardian and NYT articles.
It's our job to be paranoid. As long as our adversaries enjoy secrecy
(and no responsibility or accountability), we have to speculate on

> I personally know it not to be true and from my perspective, the effort we
> went to improve computer security by making secure random numbers available
> and ubiquitous in a low attack-surface model is now being undermined by
> speculation that would lead people to use less available, less secure RNGs.
> This I expect would serve the needs of the NSA well.
Well, because you did not know or participate does not mean it did not occur.

In [1], Caspar Bowden, who was the former Chief Privacy Officer at
Microsoft, speculated a handful of top Microsoft managers were
involved with the backdooring of Microsoft products. Even Bowden was
not privileged to the full depth and breadth of corporate cooperation.
If you asked David LeBlanc, Michael Howard, and a number of other
senior security guys, they likely had no knowledge either.


[1] https://www.youtube.com/watch?v=-Cx_vumGbXM.
