Re: [dsfjdssdfsd] specifying an RNG

"Dan Harkins" <dharkins@lounge.org> Sun, 17 November 2013 08:35 UTC

Return-Path: <dharkins@lounge.org>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B836E11E88C2 for <dsfjdssdfsd@ietfa.amsl.com>; Sun, 17 Nov 2013 00:35:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.351
X-Spam-Level:
X-Spam-Status: No, score=-5.351 tagged_above=-999 required=5 tests=[AWL=0.562, BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_MED=-4, SARE_SUB_11CONS_WORD=0.352]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kqtRCPWpUtmA for <dsfjdssdfsd@ietfa.amsl.com>; Sun, 17 Nov 2013 00:35:46 -0800 (PST)
Received: from colo.trepanning.net (colo.trepanning.net [69.55.226.174]) by ietfa.amsl.com (Postfix) with ESMTP id 339DF11E88BF for <dsfjdssdfsd@ietf.org>; Sun, 17 Nov 2013 00:35:46 -0800 (PST)
Received: from www.trepanning.net (localhost [127.0.0.1]) by colo.trepanning.net (Postfix) with ESMTP id 610F310224008; Sun, 17 Nov 2013 00:35:45 -0800 (PST)
Received: from 69.12.173.8 (SquirrelMail authenticated user dharkins@lounge.org) by www.trepanning.net with HTTP; Sun, 17 Nov 2013 00:35:45 -0800 (PST)
Message-ID: <525aec4425179480df24c5e275c0c9e7.squirrel@www.trepanning.net>
In-Reply-To: <8AC26C38-F2E4-44DA-B731-B795258EF186@vigilsec.com>
References: <f1fa93561577c1866315495de82b5437.squirrel@www.trepanning.net> <8AC26C38-F2E4-44DA-B731-B795258EF186@vigilsec.com>
Date: Sun, 17 Nov 2013 00:35:45 -0800
From: Dan Harkins <dharkins@lounge.org>
To: Russ Housley <housley@vigilsec.com>
User-Agent: SquirrelMail/1.4.14 [SVN]
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
Cc: dsfjdssdfsd@ietf.org, Dan Harkins <dharkins@lounge.org>
Subject: Re: [dsfjdssdfsd] specifying an RNG
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 17 Nov 2013 08:35:51 -0000

  Hi Russ,

On Sat, November 16, 2013 4:18 pm, Russ Housley wrote:
> Dan:
>
> Random or pseudorandom?  Do you care?

  The output has to be suitable for doing a digital signature or
a Diffie-Hellman key exchange.

  Dan.

> Russ
>
>
> On Nov 15, 2013, at 12:55 AM, Dan Harkins wrote:
>
>>
>>  Hello, and welcome to the dsfjdssdfsd list!
>>
>>  At the last IETF the question was asked, "what can we do to harden
>> the Internet?" Given the recent news about Dual_EC_DBRG and the
>> dopant attack against hardware RNGs one of the things that can be
>> done is to have an open specification of a secure RNG. This would
>> allow developers to have an alternative to relying solely on
>> /dev/[u]random, a hardware RNG, an RNG specified by a large
>> government-affiliated group to mix the uncorrelated sources of
>> entropy they gather, or an RNG designed in an ad hoc manner by
>> someone who thinks he knows what he's doing but probably
>> doesn't.
>>
>>  One of the things that would be nice to get out of this list is a
>> specification on a strong RNG, in the form of a BCP or Informational
>> RFC. This doesn't necessarily mean lets "roll our own" but perhaps
>> there is best practice that can be specified.
>>
>>  So, is there a model that defines what a "robust RNG" would look
>> like? Is there a suitable candidate that exists already for such a
>> thing?
>>
>>  regards,
>>
>>  Dan.
>>
>>
>> _______________________________________________
>> dsfjdssdfsd mailing list
>> dsfjdssdfsd@ietf.org
>> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
>
> _______________________________________________
> dsfjdssdfsd mailing list
> dsfjdssdfsd@ietf.org
> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
>