[cryptography] [Cryptography] RSA equivalent key length/strength

Jared Hunter feralchimp at gmail.com
Sun Sep 22 09:29:00 EDT 2013


New to the list, so I'm sorry if I missed it, but what was the evidence presented that RSA took a $10M payoff to make Dual EC DRBG the default in Crypto-C?

Thanks,

-Jared

> On Sep 22, 2013, at 9:01 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:
> 
> ianG <iang at iang.org> writes:
> 
>> One mystery is left for me.  Why so much?  It clearly doesn't cost that much
>> money to implement the DRBG, or if it did, I would have done it for $5m,
>> honest injun!  Nor would it cost that to test it nor to deploy it on mass.
>> Documentation, etc.
> 
> You're assuming that someone got passed a suitcase full of cash and that was 
> it.  Far more likely that RSA got a $10M contract for some government work and 
> at some point that included a request to make the ECDRBG the default for 
> <insert plausible-sounding reason here>.  All quite above board, nothing 
> terribly suspicious to raise eyebrows.
> 
> Peter.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography


More information about the cryptography mailing list