Re: [dsfjdssdfsd] Should secure RNGs be a MUST?

dan@geer.org Tue, 11 March 2014 21:22 UTC

From: dan@geer.org
To: Alyssa Rowan <akr@akr.io>
In-Reply-To: Your message of "Tue, 11 Mar 2014 18:26:59 -0000." <531F5573.1050905@akr.io>
Date: Tue, 11 Mar 2014 17:22:13 -0400
Message-Id: <20140311212213.6383622813B@palinka.tinho.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/dsfjdssdfsd/lnxloe-qe1D6C8vzA7zbeP2O6iI
Cc: dsfjdssdfsd@ietf.org
Subject: Re: [dsfjdssdfsd] Should secure RNGs be a MUST?
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>

> > So, I am not totally sure about the question of whether secure
> > RNGs should be a MUST.  I wonder what others think.
> 
> Given this list exists, I'd say yes: going forward, they MUST be. <g>
> 
> Regarding your counterargument: I think security considerations
> warrant MUST.
> 
> I think secure RNGs really need to be considered a vital component to
> analyse. They have clearly been considered a vital component to
> attack: and no wonder. Insecure RNGs introduce major unexpected
> problems, including predictable keys and key leakage, in protocols
> which rely on secure RNGs to satisfy their security requirements. But
> they can be subtle, and hard to verify.
> ...snip...

I know that this is not the right term as it has a pre-existing
definition, but might you be arguing that a trustworthy RNG is a,
if not the, "trust anchor" for security as we now understand it?
That is to say "the authoritative entity for which trust is assumed
and not derived"?  [quotation from various Wiki def'ns]

--dan