Re: [Cfrg] Security proofs v DH backdoors

Peter Gutmann <> Sun, 30 October 2016 10:57 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9478912951D for <>; Sun, 30 Oct 2016 03:57:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.997
X-Spam-Status: No, score=-2.997 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id BoaKZy-HKPGb for <>; Sun, 30 Oct 2016 03:57:01 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 32061129518 for <>; Sun, 30 Oct 2016 03:56:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=mail; t=1477825019; x=1509361019; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=Ro1oyOQK1Xn6zEb7Dpq8RYOO/wrIigjFzFzFLlPKJEU=; b=Q8YS5AY1wBQf0DA6xhDpxYfzK6IXSP4mGRSmsMa8wu2gtv+ABweeMipW 9FHh3+J708RLtoYeCrcyiwd8JIYqHs3boIk4z0VXtv8EzQTDSKHfi5xGa sRjfhorWfVKg/W92M7jPiYUupJGZ80LL8EKjZHyFsMJkIC7FUcgcCpRv/ k8mhKVzwwNBOZoeRNbzLzAIjMc2TCBJx4M814KcvgwyU2m3zg7KbanVuQ Aw/4/eAzxs1Zn+N7RQVSaTUrXTLxkaql6GkQdL1Aai42OPyQRFbp1tLcD PhtmfWzOkQ7p71O3XIubsqsmUip6CyMsEQoXFWGpKkxgz5tKoRuzs7Xy7 A==;
X-IronPort-AV: E=Sophos;i="5.31,569,1473076800"; d="scan'208";a="112638957"
X-Ironport-Source: - Outgoing - Outgoing
Received: from ([]) by with ESMTP/TLS/AES256-SHA; 30 Oct 2016 23:56:50 +1300
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sun, 30 Oct 2016 23:56:49 +1300
Received: from ([]) by ([]) with mapi id 15.00.1178.000; Sun, 30 Oct 2016 23:56:49 +1300
From: Peter Gutmann <>
To: Michael Scott <>, CFRG <>
Thread-Topic: [Cfrg] Security proofs v DH backdoors
Thread-Index: AQHSMEAWZy2e+SPalEyp/G+CJ2BAv6C9nFXG//8rFoCABBBRCQ==
Date: Sun, 30 Oct 2016 10:56:48 +0000
Message-ID: <>
References: <> <> <> <> <> <20161027125120.4d260334@pc1> <>, <>
In-Reply-To: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [Cfrg] Security proofs v DH backdoors
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 30 Oct 2016 10:57:04 -0000

Michael Scott <> writes:

>As an influential opinion leader I think you really need to expand on that
>last paragraph. In the first sentence you need to define "harsh environment".
>The second sentence ("any fault of any kind") is manifestly untrue. And in
>the third sentence what industries exactly?

So I've been sitting here trying to figure out how to respond to this (and one
or two other messages).  I think there must be some sort of miscommunication
happening because I can't otherwise explain why you're asking what you are.
The options seem to be:

1. You're unaware of how vulnerable to faults ECC is.
2. You're unaware that computers experience faults.
3. We're talking at cross purposes/miscommunicating in some way.

Before I type up a long essay on #1 or #2 (which I'm not terribly keen on
doing) I want to make sure that you're really asking what you appear to be
asking, and one or both of us hasn't misinterpreted the others' position.