[cryptography] Random number generation influenced, HW RNG

Marcus Brinkmann marcus.brinkmann at ruhr-uni-bochum.de
Mon Sep 9 08:52:52 EDT 2013


On 09/07/2013 07:48 PM, David Johnston wrote:
> It interesting to consider the possibilities of corruption and deception
> that may exist in product design. It's a lot more alarming when it's
> your own design that is being accused of having been backdoored.
> Claiming the NSA colluded with intel to backdoor RdRand is also to
> accuse me personally of having colluded with the NSA in producing a
> subverted design. I did not.

This complaint is put towards the wrong people.  This erosion of trust
is exactly why the NSA surveillance program is so destructive to
society.  For all we know, you can be the most excellent person on earth
(I certainly have no reason to believe otherwise), yet the product you
designed may have been altered without your knowledge, and, apparently,
even without the knowledge of your supervisors and Intel executives.

The table is turned, and now it is not the general population under
suspicion by the NSA but the digital industry is under suspicion by the
general population.

Luckily, we have the better cards.  Instead of mass surveillance, we can
turn to transparent and open technologies.  When push comes to shove,
the surviving technologies should be those that prove to us that they
are innocent.  You should demand the ability to work under such
conditions from your company and government - MSFT and GOOG have
realised that need, and sued the US gov for the ability to move forward
in that a market.



More information about the cryptography mailing list