Re: [dsfjdssdfsd] specifying an RNG
Yaron Sheffer <yaronf.ietf@gmail.com> Fri, 15 November 2013 17:47 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F27811E8203 for <dsfjdssdfsd@ietfa.amsl.com>; Fri, 15 Nov 2013 09:47:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.335
X-Spam-Level:
X-Spam-Status: No, score=-102.335 tagged_above=-999 required=5 tests=[AWL=-0.088, BAYES_00=-2.599, SARE_SUB_11CONS_WORD=0.352, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zlX4iVFLMUoo for <dsfjdssdfsd@ietfa.amsl.com>; Fri, 15 Nov 2013 09:47:46 -0800 (PST)
Received: from mail-wi0-x22a.google.com (mail-wi0-x22a.google.com [IPv6:2a00:1450:400c:c05::22a]) by ietfa.amsl.com (Postfix) with ESMTP id 5926021F9CE9 for <dsfjdssdfsd@ietf.org>; Fri, 15 Nov 2013 09:47:01 -0800 (PST)
Received: by mail-wi0-f170.google.com with SMTP id f4so2785784wiw.3 for <dsfjdssdfsd@ietf.org>; Fri, 15 Nov 2013 09:46:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=STLFzmdfo4JC+VtePqm+6RJxkqGxQoMn1kfYDrKGC/s=; b=GwfdeW9holaLf9Lcs8wWiq+P2I/4d87EPm/sd0onGbiKVbpSVrGpC2j2GBPt/oCR6o a8uFLimqyw7fNAu3reaO9ltSGAZWnjI1HnVatsmx5woxz5/s3eGJjXgUan0J3mSfPoTg i+5M78G0DXQVEezBZlnGC+mWL2ok+5v7RLV5MNIpgxhNsDOeU6Qf0gY1I+zVCRghJvfx uxfoFxMYXpALNRw8aH4k3P2LyLrA5mgpQYz9wuGOyreGB16r00tHMIv7i9y93U5o1Znz QI1QdOHhZ+B+hEuJUurOIfvb/YP3AvK6ICrGhiShx0XqftCD21V2Pkt0hwzxzsxJnolf anJQ==
X-Received: by 10.194.23.8 with SMTP id i8mr1065827wjf.68.1384537609827; Fri, 15 Nov 2013 09:46:49 -0800 (PST)
Received: from [10.0.0.9] (bzq-79-182-173-156.red.bezeqint.net. [79.182.173.156]) by mx.google.com with ESMTPSA id uc12sm7161162wib.3.2013.11.15.09.46.48 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 15 Nov 2013 09:46:49 -0800 (PST)
Message-ID: <52865E07.6020105@gmail.com>
Date: Fri, 15 Nov 2013 19:46:47 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
References: <f1fa93561577c1866315495de82b5437.squirrel@www.trepanning.net> <5286580F.3050105@gmail.com> <573A5C4A-290D-4942-A113-B7E4315E9198@cisco.com>
In-Reply-To: <573A5C4A-290D-4942-A113-B7E4315E9198@cisco.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "<dsfjdssdfsd@ietf.org>" <dsfjdssdfsd@ietf.org>, Dan Harkins <dharkins@lounge.org>
Subject: Re: [dsfjdssdfsd] specifying an RNG
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Nov 2013 17:47:47 -0000
Works for me, including the caveat on adopting an already vetted RNG. Yaron On 11/15/2013 07:34 PM, Joseph Salowey (jsalowey) wrote: > > On Nov 15, 2013, at 9:21 AM, Yaron Sheffer <yaronf.ietf@gmail.com> > wrote: > >> Hi Dan, >> >> While I'm fully supportive of what you're out to achieve, I'm not clear on what it is :-) >> >> Option A: specify requirements for an RNG (must mix multiple sources of randomness, must survive state disclosure, the output must not reveal the internal state for a standard attacker model, etc.) >> > > [Joe] Yes > >> Option B1: specify the deterministic part of an RNG, i.e. the crypto algorithm. >> > > [Joe] Yes, except choose an exiting RNG and describe how to use it to meet requirements in A > >> Option B2: specify the deterministic part, as well as the randomness sources (I'm avoiding the E word...). >> > > [Joe] While this is somewhat out of scope we ought to provide whatever guidance we can so folks can avoid common implementation errors. I think there are useful recommendations we can make based on the list of issues posted on a different thread. > >> Option A is important but most of us don't like requirements documents... >> >> Option B1 is certainly fun, but traditionally such work has not been done in the IETF. In most cases we have recommended or adopted work done by other standards bodies or even individual cryptographers. >> >> Option B2 is IMHO too OS-specific to be useful. >> >> So which is it? >> >> Thanks, >> Yaron >> >> _______________________________________________ >> dsfjdssdfsd mailing list >> dsfjdssdfsd@ietf.org >> https://www.ietf.org/mailman/listinfo/dsfjdssdfsd >
- [dsfjdssdfsd] specifying an RNG Dan Harkins
- Re: [dsfjdssdfsd] specifying an RNG Eric Burger
- Re: [dsfjdssdfsd] specifying an RNG Donald Eastlake
- Re: [dsfjdssdfsd] specifying an RNG Yaron Sheffer
- Re: [dsfjdssdfsd] specifying an RNG Joseph Salowey (jsalowey)
- Re: [dsfjdssdfsd] specifying an RNG Yaron Sheffer
- Re: [dsfjdssdfsd] specifying an RNG Michael Hammer
- Re: [dsfjdssdfsd] specifying an RNG Dan Harkins
- Re: [dsfjdssdfsd] specifying an RNG Russ Housley
- Re: [dsfjdssdfsd] specifying an RNG Russ Housley
- Re: [dsfjdssdfsd] specifying an RNG Dan Harkins