See:
http://arstechnica.com/security/2013/09/fatal-crypto-flaw-in-some-government-certified-smartcards-makes-forgery-a-snap/
for overview, and:
http://smartfacts.cr.yp.to/
for more details of the research.
Would it be advisable to implement a test, prior to any certification of an
RNG, whereby some large number of keys are created and tested using a set of 3
or 4 known algorithms (such as those used in this paper) for breaking keys?
Cheers,
- johnk
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
