Hi Russ,

On Sat, November 16, 2013 4:18 pm, Russ Housley wrote:
> Dan:
>
> Random or pseudorandom? Do you care?

The output has to be suitable for doing a digital signature or a Diffie-Hellman key exchange.

Dan.

> Russ
>
>
> On Nov 15, 2013, at 12:55 AM, Dan Harkins wrote:
>
>>
>> Hello, and welcome to the dsfjdssdfsd list!
>>
>> At the last IETF the question was asked, "what can we do to harden
>> the Internet?" Given the recent news about Dual_EC_DRBG and the
>> dopant attack against hardware RNGs one of the things that can be
>> done is to have an open specification of a secure RNG. This would
>> allow developers to have an alternative to relying solely on
>> /dev/[u]random, a hardware RNG, an RNG specified by a large
>> government-affiliated group to mix the uncorrelated sources of
>> entropy they gather, or an RNG designed in an ad hoc manner by
>> someone who thinks he knows what he's doing but probably
>> doesn't.
>>
>> One of the things that would be nice to get out of this list is a
>> specification on a strong RNG, in the form of a BCP or Informational
>> RFC. This doesn't necessarily mean let's "roll our own" but perhaps
>> there is best practice that can be specified.
>>
>> So, is there a model that defines what a "robust RNG" would look
>> like? Is there a suitable candidate that exists already for such a
>> thing?
>>
>> regards,
>>
>> Dan.
>>
>>
>> _______________________________________________
>> dsfjdssdfsd mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
