[Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-04.txt
internet-drafts@ietf.org Mon, 11 March 2019 17:18 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: cfrg@ietf.org
Delivered-To: cfrg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 56A6B124BF6; Mon, 11 Mar 2019 10:18:15 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: cfrg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.93.0
Auto-Submitted: auto-generated
Precedence: bulk
Reply-To: cfrg@ietf.org
Message-ID: <155232469531.23186.11646801413946178545@ietfa.amsl.com>
Date: Mon, 11 Mar 2019 10:18:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/Rb4WcLzoty2Ej8zTBdJBAQiqpAc>
Subject: [Cfrg] I-D Action: draft-irtf-cfrg-randomness-improvements-04.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2019 17:18:15 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Crypto Forum RG of the IRTF.
Title : Randomness Improvements for Security Protocols
Authors : Cas Cremers
Luke Garratt
Stanislav Smyshlyaev
Nick Sullivan
Christopher A. Wood
Filename : draft-irtf-cfrg-randomness-improvements-04.txt
Pages : 9
Date : 2019-03-11
Abstract:
Randomness is a crucial ingredient for TLS and related security
protocols. Weak or predictable "cryptographically-strong"
pseudorandom number generators (CSPRNGs) can be abused or exploited
for malicious purposes. The Dual EC random number backdoor and
Debian bugs are relevant examples of this problem. An initial
entropy source that seeds a CSPRNG might be weak or broken as well,
which can also lead to critical and systemic security problems. This
document describes a way for security protocol participants to
augment their CSPRNGs using long-term private keys. This improves
randomness from broken or otherwise subverted CSPRNGs.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-randomness-improvements/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-irtf-cfrg-randomness-improvements-04
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-randomness-improvements-04
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-irtf-cfrg-randomness-improvements-04
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- [Cfrg] I-D Action: draft-irtf-cfrg-randomness-imp… internet-drafts