There is some detail in the FIPS 140 security policy of Microsoft's
cryptographic provider, for Windows XP and Windows 2000. See for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf
where they say the RNG is based on FIPS 186 RNG using SHS. The seed is
based on the collection of
From: lrk [EMAIL PROTECTED]
Sent: Aug 6, 2004 1:04 PM
To: R. A. Hettinga [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Cryptography and the Open Source Security Debate
...
More dangerous is a key generator which deliberately produces keys which
are easy to factor by someone knowing
http://www.businessweek.com/print/technology/content/aug2004/tc20040810_3053_tc024.htm?tc
Business Week
AUGUST 10, 2004
NEWS ANALYSIS :TECH
By Stephen H. Wildstrom
How a Digital Signature Works
Microsoft's new Service Pack makes life tough for programs lacking the
proper electronic
NEWS ANALYSIS :TECH
By Stephen H. Wildstrom
How a Digital Signature Works
Is this a count the errors contest? I count six.
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
The PRNG should be the least concern when using MSFT's cryptographic
provider. The MSFT report 140sp238.pdf says:
RSAENH stores keys in the file system, but relies upon Microsoft
Windows XP for the encryption of the keys prior to storage.
Not only RSAENH writes keys to a