[cryptography] [Cryptography] RSA equivalent key length/strength

Shawn Wilson ag4ve.us at gmail.com
Sun Sep 22 18:31:15 EDT 2013


Just an example of how to spend $250M. 

Jared Hunter <feralchimp at gmail.com> wrote:
>New to the list, so I'm sorry if I missed it, but what was the evidence
>presented that RSA took a $10M payoff to make Dual EC DRBG the default
>in Crypto-C?
>
>Thanks,
>
>-Jared
>
>> On Sep 22, 2013, at 9:01 AM, Peter Gutmann
><pgut001 at cs.auckland.ac.nz> wrote:
>> 
>> ianG <iang at iang.org> writes:
>> 
>>> One mystery is left for me.  Why so much?  It clearly doesn't cost
>that much
>>> money to implement the DRBG, or if it did, I would have done it for
>$5m,
>>> honest injun!  Nor would it cost that to test it nor to deploy it on
>mass.
>>> Documentation, etc.
>> 
>> You're assuming that someone got passed a suitcase full of cash and
>that was 
>> it.  Far more likely that RSA got a $10M contract for some government
>work and 
>> at some point that included a request to make the ECDRBG the default
>for 
>> <insert plausible-sounding reason here>.  All quite above board,
>nothing 
>> terribly suspicious to raise eyebrows.
>> 
>> Peter.
>> _______________________________________________
>> cryptography mailing list
>> cryptography at randombit.net
>> http://lists.randombit.net/mailman/listinfo/cryptography
>_______________________________________________
>cryptography mailing list
>cryptography at randombit.net
>http://lists.randombit.net/mailman/listinfo/cryptography



More information about the cryptography mailing list