Forgot your password?

Comment: Re:What's the cost to use a real rng vs psudo (Score 2, Interesting) 86

>no one can know if Intel could have a backdoor into it.

Except me and my colleagues, who have full visibility of it and know if a back door was put in it and no, a back door was not put in it.

If there was a back door, it would only take one person out of several hundred of those people who would know, to tell the world about a backdoor. If there isn't a backdoor (which there isn't), then there's no back door to tell the world about.

We are a company full of techies most of whom like open source principles and personal data security. So if there was a back door, you would find out about it because you could pretty much guarantee that someone would bleat, and justly so.

Comment: Not the only change (Score 2, Interesting) 86

They also made many other changes. See appendix F of draft 1. I'm in the middle of reviewing them

The announcement and RFC is here.
The comments from the previous round addressed far more than just the Dual_EC_DRBG.

There are structural issues in the spec. My comments on the previous draft address them:
1) Flow control: ES pushing, vs conditioner pulling. Reseeding on demand vs when entropy is available.
2) A purely software centric API, when all nondeterministic random number generators need a hardware component.
3) Online testing that is too onerous for resource constrained solutions, when effective technical solution exists that have been ignored.
4) Conditioners (really an SP800-90B thing, but A, B and C go hand in hand) are all single source conditioners based on large crypto functions. The current state of math tells us multiple input conditioners can be implemented with non cryptographic methods in fewer gates with higher lower-bounds for min entropy out.

There's more. See the comments.

"If that makes any sense to you, you have a big problem." -- C. Durance, Computer Science 234