Re: [LUG] FreeBSD will no longer use Intel or Via hardware random number generators

 

On Wed, 11 Dec 2013, Philip Hudson wrote:

http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/

Good move.

Pseudo-random number generators are the weakest link in many a crypto system. They're also the easiest to backdoor - and such backdoors are the hardest to spot.

Putting them inside the hardware makes it even harder to detect.

As the last paragraph of the article says, the way they do it would have been a good move anyway, regardless of how much one trusts the hardware vendors.

Martijn.

PS A few months ago, I wrote a blog about how the NSA backdoored a PRNG in a NIST standard. As secret backdoors go, it wasn't crafted particularly well. But it illustrates the possibilities:

http://www.lapsedordinary.net/2013/09/23/how-the-nsa-cheated-cryptography/

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq