Re: [Cfrg] Dual_EC_DRBG ... [was RE: Requesting removal of CFRG co-chair]

Santosh Chokhani <SChokhani@cygnacom.com> Fri, 27 December 2013 19:15 UTC

From: Santosh Chokhani <SChokhani@cygnacom.com>
To: Adam Back <adam@cypherspace.org>, Dan Brown <dbrown@certicom.com>
Cc: "'cfrg@irtf.org'" <cfrg@irtf.org>

Validation labs do not get or want money for backdoors.

So, either quit your conspiratorial nonsense or take it to Hollywood,

-----Original Message-----
From: Cfrg [mailto:cfrg-bounces@irtf.org] On Behalf Of Adam Back
Sent: Friday, December 27, 2013 2:09 PM
To: Dan Brown
Cc: Adam Back; 'cfrg@irtf.org';
Subject: Re: [Cfrg] Dual_EC_DRBG ... [was RE: Requesting removal of CFRG co-chair]

Dan Brown wrote:
> [...]
> 8. All considered, I don't see how the ANSI and NIST standards for 
> Dual_EC_DRBG can be viewed as a subverted standard, per se.

Of course they're subverted.  We have Ferguson et al. show how they could be backdoored.  We have internal NSA documents reported as talking about the subversion.  We have confirmation of RSA (inadvertently or not) accepting money to put an EC_DRBG as a default.  You yourself just said the validation labs are demanding the backdoored P & Q be used (and rejecting the provably uncooked implemented chosen parameters presumably).  NIST put the standard forward (inadvertently or not) from NSA input.

I am nonplussed at what you could be trying to say with the above statement.

Adam