From: Matthew B. Landry <mbl@ml7694a.leonard.american.edu>
To: Eli Brandt <ebrandt@jarthur.Claremont.EDU>
Message Hash: 1f7298f0130d68544243bec6f7968c8dcde37f001fe5c5298d5c7f040bad1f8f
Message ID: <9310062225.AA01850@toad.com>
Reply To: N/A
UTC Datetime: 1993-10-06 22:25:43 UTC
Raw Date: Wed, 6 Oct 93 15:25:43 PDT
From: Matthew B. Landry <mbl@ml7694a.leonard.american.edu>
Date: Wed, 6 Oct 93 15:25:43 PDT
To: Eli Brandt <ebrandt@jarthur.Claremont.EDU>
Subject: Re: Strong PRNGs
Message-ID: <9310062225.AA01850@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
>Another point: it raises the possibility of an interesting loophole
>in the ITAR. Cryptographic hash functions are exportable, as "systems
>for authentication", or something to that effect. A random-number
>generator based on a hash function should be exportable. After all,
>as you say,
>> I have many uses for random numbers and none of them is XOR encryption.
>
>But such an RNG *could* be used for encryption. If you package and
>market it as such, you're asking for trouble. But packaged as a
>library routine in a simulation library? It's not a fast PRNG, but
>it should be pretty good statistically.
Does it strike you as ironic that in this atmosphere where "exporting"
basically secure products like PGP is illegal, that exporting the tools to
generate one of the best possible (in the security sense) encryption systems
known to current technology (better than anything that can be implemented in
software, anyway) would be _legal_, because it also has ample uses that are
unrelated to cryptography?
If only One Time Pad style systems weren't so kludgey, this would
present the _perfect_ solution to our problems with ITAR and the like.
Unfortunately, there are some things they can't do. Oh well...
Please don't bother to tell me that we'd need to physically build
hardware to generate seeds for the hash functions, because I already know that.
I didn't say it was entirely practical, just that it was an interesting bit of
irony.
--
Matthew B. Landry
ml7694a@american.edu
(Finally!) mbl@ml7694a.leonard.american.edu
Return to October 1993
Return to “Matthew B. Landry <mbl@ml7694a.leonard.american.edu>”
1993-10-06 (Wed, 6 Oct 93 15:25:43 PDT) - Re: Strong PRNGs - Matthew B. Landry <mbl@ml7694a.leonard.american.edu>