gdt: Kangaroo road sign (Default)
[personal profile] gdt

Some people have suggested banning DSA keys because they are insecure when the random number generator used to seed them is poor (as recently happened in Debian's OpenSSL). This is a bit naive, since RSA is vulnerable to particular failure modes during key generation as well. Doubtless if the Debian vulnerability had struck one of those, we'd now be seeing the reverse suggestion.

One of the big differences between military crypto and civilian crypto is civilian crypto's lack of suspicion about whether the process has actually worked. Military crypto lives in fear of subversion of key generation (since, as we have seen, that exposes a complete crypto deployment) and extensively tests inputs and outputs. This paranoia catches not only subversion but implementation error as well. I hope this flaw encourages that suspicion of correct working to become commonplace in civilian crypto code.
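An output-side test of the kind described above, as an added example (not code from the original post): it audits a collection of RSA public moduli for two symptoms of a starved random number generator, identical keys and keys that share a prime factor. The shared-prime symptom is one well-known RSA failure mode, chosen here as an assumption about what to test; the function names, host names and toy moduli are constructed for illustration.

```python
from itertools import combinations
from math import gcd


def audit_moduli(moduli):
    """Audit {key_id: RSA modulus n} for signs of a failed key generator.

    Returns a list of (kind, id_a, id_b, shared_factor) findings:
      "duplicate"     - two key ids carry the same modulus
      "shared-factor" - two different moduli have a common prime, so the
                        generator repeated part of its output
    Pairwise comparison is quadratic, which is fine for a fleet inventory.
    """
    findings = []
    for (id_a, n_a), (id_b, n_b) in combinations(sorted(moduli.items()), 2):
        if n_a == n_b:
            findings.append(("duplicate", id_a, id_b, None))
            continue
        g = gcd(n_a, n_b)
        if g > 1:
            findings.append(("shared-factor", id_a, id_b, g))
    return findings


def accept_new_key(n, inventory):
    """Gate for freshly generated keys: refuse any modulus that equals,
    or shares a factor with, a modulus already in the inventory."""
    return all(gcd(n, known) == 1 for known in inventory.values())


# Constructed toy inventory. Real moduli are 2048+ bits; small primes keep
# the sample readable. host-b reuses one prime of host-a, host-c is an
# exact copy of host-a, host-d is healthy.
P, Q, R, S, T = 1000003, 1000033, 1000037, 1000039, 1000081
SAMPLE = {
    "host-a": P * Q,
    "host-b": P * R,
    "host-c": P * Q,
    "host-d": S * T,
}

if __name__ == "__main__":
    for finding in audit_moduli(SAMPLE):
        print(finding)
```

Running the audit at key-generation time, before a key is deployed, catches implementation error as well as subversion, because neither should ever produce a repeated modulus or a repeated prime.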

Hopefully this fiasco will re-energise hardware manufacturers into providing hardware-based random number generation. The current scavenging across the operating system for any source of entropy isn't acceptable and is one of the root causes of the current flaw.

Glen Turner
