1993-04-13 - Re: Security Dynamics

Header Data

From: Marc Horowitz <marc@GZA.COM>
To: Eric Hughes <hughes@soda.berkeley.edu>
Message Hash: 8aff2f937312d5a22dd666de074c5cf037cb45b79e3955a32f08b9df0c685cf7
Message ID: <9304130302.AA02654@pad-thai.aktis.com>
Reply To: <9304121649.AA26494@soda.berkeley.edu>
UTC Datetime: 1993-04-13 03:01:11 UTC
Raw Date: Mon, 12 Apr 93 20:01:11 PDT

Raw message

From: Marc Horowitz <marc@GZA.COM>
Date: Mon, 12 Apr 93 20:01:11 PDT
To: Eric Hughes <hughes@soda.berkeley.edu>
Subject: Re: Security Dynamics
In-Reply-To: <9304121649.AA26494@soda.berkeley.edu>
Message-ID: <9304130302.AA02654@pad-thai.aktis.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Now, if the number changes every minute, that's a little over 10,000
>> samples in a week, certainly enough to determine if they are using
>> weak random number generation.

1) Not true.  I read an article about a pseudorandom number generator
which appeared random to every test they used on it.  Then they went
and did a Monte Carlo simulation of something based on that PRNG.
Guess what?  It wasn't quite random enough.  Lesson: it can be *very*
hard to determine randomness.

2) The sequence is not random.  It is cryptographically pseudorandom.
This is very different.

3) A friend who has a significant math background in crypto stuff has
seen the Security Dynamics algorithms (under non-disclosure), and says
that they're credible.  That vouches for their theory.  That they
insist on programming the cards and keeping the keys themselves, and
that they do not allow you to program the cards yourself, is a major
problem, no matter how good their math is.

		Marc
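
Points (1) and (2) above, as an added example that is not part of the original message and is not Security Dynamics' algorithm (which the message says is under non-disclosure). Two constructed stand-in generators, a MINSTD linear congruential generator that displays its full state and an HMAC-SHA256 counter construction, are sampled once a minute for a week; the same decile chi-square test and the same two-sample multiplier recovery (which assumes the observer knows the modulus) are applied to both.

```python
import hashlib
import hmac

M = 2**31 - 1          # MINSTD modulus (a Mersenne prime)
A = 16807              # MINSTD multiplier
SAMPLES = 7 * 24 * 60  # one code per minute for a week = 10,080
CHI2_CRIT = 27.877     # chi-square critical value, 9 d.o.f., p = 0.001

def weak_codes(seed, n):
    """Stand-in weak generator: each displayed code is the full LCG state."""
    out, x = [], seed
    for _ in range(n):
        x = (A * x) % M
        out.append(x)
    return out

def keyed_codes(key, n):
    """Stand-in keyed generator: 31 bits of HMAC-SHA256(key, minute counter)."""
    out = []
    for t in range(n):
        mac = hmac.new(key, t.to_bytes(8, "big"), hashlib.sha256).digest()
        out.append(int.from_bytes(mac[:4], "big") & 0x7FFFFFFF)
    return out

def decile_chi2(codes):
    """Chi-square statistic for uniformity of codes over ten equal buckets."""
    counts = [0] * 10
    for c in codes:
        counts[c * 10 // 2**31] += 1
    expected = len(codes) / 10
    return sum((k - expected) ** 2 / expected for k in counts)

def predict_rest(observed, n):
    """Recover a multiplier from two consecutive codes, then extrapolate n codes."""
    a = observed[1] * pow(observed[0], -1, M) % M
    out, x = [], observed[1]
    for _ in range(n):
        x = (a * x) % M
        out.append(x)
    return out

if __name__ == "__main__":
    weak = weak_codes(19930413, SAMPLES)                   # constructed seed
    keyed = keyed_codes(b"constructed demo key", SAMPLES)  # constructed key
    for name, codes in (("weak LCG", weak), ("keyed HMAC", keyed)):
        hit = predict_rest(codes[:2], SAMPLES - 2) == codes[2:]
        print(f"{name}: chi2={decile_chi2(codes):.2f} (crit {CHI2_CRIT}), predicted={hit}")
```

The frequency statistic only measures how evenly the codes fall across the range; whether the next code follows from earlier ones is a separate property that it does not measure.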




