Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-03.txt
"Stanislav V. Smyshlyaev" <smyshsv@gmail.com> Fri, 02 November 2018 07:15 UTC
Return-Path: <smyshsv@gmail.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DBF3C12D4E9; Fri, 2 Nov 2018 00:15:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dz9EC3GLAvcf; Fri, 2 Nov 2018 00:15:07 -0700 (PDT)
Received: from mail-qk1-x72c.google.com (mail-qk1-x72c.google.com [IPv6:2607:f8b0:4864:20::72c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CF66A12426A; Fri, 2 Nov 2018 00:15:06 -0700 (PDT)
Received: by mail-qk1-x72c.google.com with SMTP id d135so1539732qkc.12; Fri, 02 Nov 2018 00:15:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=921uYYnIQ5toUOiMI/5eE4SyJ919roOC5KZ4dM+abcE=; b=edkyRdhaRrNLREpYDsafILahZIOQEd8SpIcj1n4258wzFQDwZxD2RwFRBtm/ROJOWJ DgpKT0igkjDjHkvfV6vV4mNab3KIP2D7aiWQfQCmP2T/LcGLOaIWElUs3QTkHZoHBNkA ACFyxH9tcNGLZXVr95nGEmjmKveoNaDNj3DK3Wot+HdOAfS0RvKVtc9Ni8ROT+mBLs57 kaRW4KDIbiRihFF9JFcdSM+YGhHCXdyMx1rOY7ntNALqGIbNZfkqe1HogSkiWAQGmjI9 jec3cGDlMlYPHFDuUIy0PQUBkYIK62myNia7kiWGtZZlA+ZRvJbKZCa7UV630mt1hZjn Iwlg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=921uYYnIQ5toUOiMI/5eE4SyJ919roOC5KZ4dM+abcE=; b=XqAnW4aDobfQD6OmlI+al1+H5msjuUkBUYWaUuOAHQ9W88v/XKkNomfZlN/z3d4cvy WpKnNpfknSPqLxiJ0T0xCF3GgXUsnf36hIta4dLljiAg6Jj8SRVtlNfi/sxEdeMfBJt1 1st0NvJ3h21KC4DF0OYuUmhHSn5u+LR+Zo/9C4iOABZKx+OxtuQHbPgRa6x4jnF3BaZI Ii6pxdNKo/HluBofw+nkxmZam1ufpGnfoZfEuiDPHbEpOS/3C+briPNI72XCP66fOcJG hpam/RxpRH8AV2a7U6O0Bc6Mre7Wb0vv80f9LsTRkfKd4NprZ8FId+HrDY7N9bfYnrgJ C40g==
X-Gm-Message-State: AGRZ1gIBJ0r1sx4klg/GBuJmm6DCdbd/vfl6Am8VafkYjo5+Rc2g1G/r B4g1je+35t2ynhlkd0soxEVGU4zY637DXlfD1BQ=
X-Google-Smtp-Source: AJdET5fpFQR+smp+wg5ZMOWYZkOcheCHCd5Ad3KgFEy5gXjV/K0YMP1TA2uomfZO+FQX7dHuAW7erOgjb0ejlH2xBCs=
X-Received: by 2002:ac8:4709:: with SMTP id f9mr9536388qtp.58.1541142905819; Fri, 02 Nov 2018 00:15:05 -0700 (PDT)
MIME-Version: 1.0
References: <154013777846.10698.16370082623794804926@ietfa.amsl.com> <20181021125853.00004b5d@gmail.com>
In-Reply-To: <20181021125853.00004b5d@gmail.com>
From: "Stanislav V. Smyshlyaev" <smyshsv@gmail.com>
Date: Fri, 02 Nov 2018 14:14:53 +0700
Message-ID: <CAMr0u6n_zbc_oe1s8_8GTitGeJ7ny2U=1_XzEBY1U6d_O_64aQ@mail.gmail.com>
To: N6ghost <n6ghost@gmail.com>
Cc: cfrg@ietf.org, i-d-announce@ietf.org, internet-drafts@ietf.org
Content-Type: multipart/alternative; boundary="0000000000007317980579a94b46"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/AcAieeQvkYNlYG1uymg-x0UK7Vw>
Subject: Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-03.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Nov 2018 07:15:10 -0000
Good afternoon, dear colleagues! The security analysis for the construction described in the draft has been refined and updated, it is now publicly available at IACR ePrint: https://eprint.iacr.org/2018/1057.pdf Best regards, Stanislav пн, 22 окт. 2018 г. в 2:59, N6ghost <n6ghost@gmail.com>: > On Sun, 21 Oct 2018 09:02:58 -0700 > internet-drafts@ietf.org wrote: > > > A New Internet-Draft is available from the on-line Internet-Drafts > > directories. This draft is a work item of the Crypto Forum RG of the > > IRTF. > > > > Title : Randomness Improvements for Security > > Protocols Authors : Cas Cremers > > Luke Garratt > > Stanislav Smyshlyaev > > Nick Sullivan > > Christopher A. Wood > > Filename : > > draft-irtf-cfrg-randomness-improvements-03.txt Pages : 9 > > Date : 2018-10-21 > > > > Abstract: > > Randomness is a crucial ingredient for TLS and related security > > protocols. Weak or predictable "cryptographically-strong" > > pseudorandom number generators (CSPRNGs) can be abused or exploited > > for malicious purposes. The Dual EC random number backdoor and > > Debian bugs are relevant examples of this problem. An initial > > entropy source that seeds a CSPRNG might be weak or broken as well, > > which can also lead to critical and systemic security problems. > > This document describes a way for security protocol participants to > > augment their CSPRNGs using long-term private keys. This improves > > randomness from broken or otherwise subverted CSPRNGs. > > > > > > The IETF datatracker status page for this draft is: > > > https://datatracker.ietf.org/doc/draft-irtf-cfrg-randomness-improvements/ > > > > There are also htmlized versions available at: > > https://tools.ietf.org/html/draft-irtf-cfrg-randomness-improvements-03 > > > https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-randomness-improvements-03 > > > > A diff from the previous version is available at: > > > https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-randomness-improvements-03 > > > > > > Please note that it may take a couple of minutes from the time of > > submission until the htmlized version and diff are available at > > tools.ietf.org. > > > > Internet-Drafts are also available by anonymous FTP at: > > ftp://ftp.ietf.org/internet-drafts/ > > > > _______________________________________________ > > Cfrg mailing list > > Cfrg@irtf.org > > https://www.irtf.org/mailman/listinfo/cfrg > > still reading the paper, but this seems like a good solution. its not > unlike the way OpenBSD does it. the take the hardware generated > randomness and use it as seed to another random generator. > > the general idea in OpenBSD was to have two random gens. one HW and > one SW. > > -N6Ghost > > _______________________________________________ > Cfrg mailing list > Cfrg@irtf.org > https://www.irtf.org/mailman/listinfo/cfrg >
- [Cfrg] I-D Action: draft-irtf-cfrg-randomness-imp… internet-drafts
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness… N6ghost
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-randomness… Stanislav V. Smyshlyaev