[Cryptech Tech] Some thoughts and questions on the RNG strategy

Joachim Strömbergson joachim at secworks.se
Sat Feb 8 09:18:16 UTC 2014



Aloha!

Daniel Cegiełka wrote:
> A lot of key projects migrate to the crypto designed by djb (e.g. 
> OpenSSH, OpenSSL, GnuTLS, GnuPG). djb's algorithms are used in other 
> implementations, such as BLAKE/BLAKE2, NTRU, scrypt etc.

Yes, good points. There is considerable momentum for Salsa20, ChaCha
(and other DJB algorithms). Scrypt is a good reference. And BLAKE, which
was a runner-up in the SHA-3 competition and is based on ChaCha.


> The old name remained in order not to break compatibility with other
> software.

Quite understandable. I saw that someone has provided a patch to update
FreeBSD in a similar way with ChaCha20. Not sure if that has happened yet.


> btw. http://blog.cr.yp.to/20140205-entropy.html

That is a very interesting posting. Judging by the massive discussions
on @cryptography, the consensus is far away. And I've tried to understand
the DJB writeup in the context of Cryptech and what we try to achieve.
In terms of knowledge, an attacker would clearly know how we do the
generation (the G(G(x,y,z)) in the text). But would the attack still
hold given our ideas related to how we use entropy sources and protect
them? Not sure. What do you think?

I see (for example) this post by IanG as a total opposite idea-wise. And
this seems to be closer to the general current thoughts on designing an
RNG (judging by @cryptography and other lists as well as current RNG
designs). Not that it implies being right.

http://iang.org/ssl/hard_truths_hard_random_numbers.html

-- 
Kind regards, Yours

Joachim Strömbergson - Always in harmonic oscillation.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================


