On 9/6/2013 2:03 PM, grarpamp wrote:
Does anyone put any stock into the rumors floating lately that the
government may have influenced Intel and/or AMD into altering
However, I claim that the fear is well founded and should be taken into
account by all threat models.
It interesting to consider the possibilities of corruption and deception
that may exist in product design. It's a lot more alarming when it's
your own design that is being accused of having been backdoored.
Claiming the NSA colluded with intel to backdoor RdRand is also to
accuse me personally of having colluded with the NSA in producing a
subverted design. I did not.
A quick googling revealed many such instances of statements to this
effect, strewn across the internet, based on inferences from the Snowden
leaks and resulting Guardian and NYT articles.
I personally know it not to be true and from my perspective, the effort
we went to improve computer security by making secure random numbers
available and ubiquitous in a low attack-surface model is now being
undermined by speculation that would lead people to use less available,
less secure RNGs. This I expect would serve the needs of the NSA well.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
