[dsfjdssdfsd] specifying an RNG

"Dan Harkins" <dharkins@lounge.org> Fri, 15 November 2013 05:55 UTC

List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>

  Hello, and welcome to the dsfjdssdfsd list!

  At the last IETF the question was asked, "what can we do to harden
the Internet?" Given the recent news about Dual_EC_DRBG and the
dopant attack against hardware RNGs, one of the things that can be
done is to have an open specification of a secure RNG. This would
allow developers to have an alternative to relying solely on
/dev/[u]random, a hardware RNG, an RNG specified by a large
government-affiliated group to mix the uncorrelated sources of
entropy they gather, or an RNG designed in an ad hoc manner by
someone who thinks he knows what he's doing but probably
doesn't.

  One of the things that would be nice to get out of this list is a
specification on a strong RNG, in the form of a BCP or Informational
RFC. This doesn't necessarily mean let's "roll our own" but perhaps
there is best practice that can be specified.

  So, is there a model that defines what a "robust RNG" would look
like? Is there a suitable candidate that exists already for such a thing?

  regards,

  Dan.