[Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-12.txt
internet-drafts@ietf.org Tue, 05 May 2020 15:19 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: cfrg@ietf.org
Delivered-To: cfrg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B62013A085D; Tue, 5 May 2020 08:19:52 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: cfrg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.129.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: cfrg@ietf.org
Message-ID: <158869199260.3536.18179216807919205018@ietfa.amsl.com>
Date: Tue, 05 May 2020 08:19:52 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/FG7R9dxu6xpjBeA3KmJkPUaPHZY>
Subject: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-12.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 May 2020 15:19:59 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Crypto Forum RG of the IRTF.
Title : Randomness Improvements for Security Protocols
Authors : Cas Cremers
Luke Garratt
Stanislav Smyshlyaev
Nick Sullivan
Christopher A. Wood
Filename : draft-irtf-cfrg-randomness-improvements-12.txt
Pages : 10
Date : 2020-05-05
Abstract:
Randomness is a crucial ingredient for Transport Layer Security (TLS)
and related security protocols. Weak or predictable
"cryptographically-strong" pseudorandom number generators (CSPRNGs)
can be abused or exploited for malicious purposes. The Dual_EC_DRBG
random number backdoor and Debian bugs are relevant examples of this
problem. An initial entropy source that seeds a CSPRNG might be weak
or broken as well, which can also lead to critical and systemic
security problems. This document describes a way for security
protocol participants to augment their CSPRNGs using long-term
private keys. This improves randomness from broken or otherwise
subverted CSPRNGs.
This document is a product of the Crypto Forum Research Group (CFRG)
in the IRTF.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-randomness-improvements/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-irtf-cfrg-randomness-improvements-12
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-randomness-improvements-12
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-randomness-improvements-12
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [Cfrg] I-D Action: draft-irtf-cfrg-randomness-imp… internet-drafts