Re: [TLS] Extended random is NSA backdoor

Jacob Appelbaum <jacob@appelbaum.net> Mon, 31 March 2014 15:47 UTC

In-Reply-To: <53398AB3.9090102@gmail.com>
References: <CACsn0cmOjLDVgHjN00vb7XVTEU2FS9ZP5Rdax1W7sUqVBPQdvA@mail.gmail.com> <53397B6F.9050806@mykolab.com> <CAL9PXLzuwKCZ2MhLUMviTW-aV19Zm-m=4mVEcmKkFUtHm6sPKQ@mail.gmail.com> <53397E0C.9000504@mykolab.com> <CA+cU71mbBs_ER31abZ1nP1FtVAwREMvRwpPmcLaSYZiXhqUPGg@mail.gmail.com> <53397F7C.2060603@mykolab.com> <53398AB3.9090102@gmail.com>
Date: Mon, 31 Mar 2014 15:46:24 +0000
Message-ID: <CAFggDF1GkYuYAQOLJKDT64k4TTvKM8HLn0Fac23YSyhayO-6+Q@mail.gmail.com>
From: Jacob Appelbaum <jacob@appelbaum.net>
To: Rene Struik <rstruik.ext@gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/F9HL8pF2e_K9kZGyZrwfColes9c
Cc: "tls@ietf.org" <tls@ietf.org>, "D. J. Bernstein" <djb@cr.yp.to>
Subject: Re: [TLS] Extended random is NSA backdoor

On 3/31/14, Rene Struik <rstruik.ext@gmail.com> wrote:
> Dear colleagues:
>
> Not sure what is new here. The paper (with an impressive list of nine
> (!) co-authors) seems to be simply a validation of results already
> described in the Crypto 2007 rump session paper by Ferguson et al and in
> the teachings of a 2005 US patent application.
>

I was unaware that Ferguson et al did an internet-wide scan or found
the speedup for the vulnerabilities? It seems to me that this work
confirms and expands on the previous research.

The intentions for such an implementation are also seemingly confirmed
thanks to the bravery of the whistleblower Edward Snowden.

Context is everything.

All the best,
Jacob