1996-09-29 - Re: Mousepad RNG’s?

Header Data

From: paul@fatmans.demon.co.uk
To: cypherpunks@toad.com
Message Hash: cdda58abcfe23d31fa19a372d020e21dbf89be728ae739aafd6d936f5f486317
Message ID: <844013772.1731.0@fatmans.demon.co.uk>
Reply To: N/A
UTC Datetime: 1996-09-29 19:01:15 UTC
Raw Date: Mon, 30 Sep 1996 03:01:15 +0800

Raw message

From: paul@fatmans.demon.co.uk
Date: Mon, 30 Sep 1996 03:01:15 +0800
To: cypherpunks@toad.com
Subject: Re: Mousepad RNG's?
Message-ID: <844013772.1731.0@fatmans.demon.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


> At 8:13 PM -0700 9/27/96, James A. Donald wrote:
> 
>Some time ago, at a cypherpunks conference, people were making
>all sorts of ridiculous proposals for being really, really,
>really, sure that you had real entropy, and a prominent
>cypherpunk, possibly Tim May, said, "This is ridiculous:
>Nobody ever broke good crypto through weakness in the
>source of truly random numbers".  Sometime after that
>Netscape was broken through weakness in the source of
>truly random numbers.

This is correct only in the first part: it is true that good 
cryptography has never been documentably broken through weaknesses in 
a real random source.

The Netscape attack was on the PRNG used in Netscape, the proverbial 
state of sin. I don't know what PRNG Netscape used in the broken 
version. Can anyone tell me what they used, and whether it was the 
PRNG or the seed that was weak? I would also be interested to know 
what they are using now in terms of the algorithm and seed...

 

  Datacomms Technologies web authoring and data security
       Paul Bradley, Paul@fatmans.demon.co.uk
  Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: 5BBFAEB1
     "Don't forget to mount a scratch monkey"
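The distinction the message draws, a weak generator versus a weak seed, is worth seeing in running code. The published analysis of the Netscape 1.1 generator (Goldberg and Wagner, 1995) found that the generator mixed its inputs with MD5 but drew those inputs from the time of day and the process and parent-process IDs, so the hash was never the weak part. The example below is an added illustration written for this archive page, not Netscape's code and not code from the thread: the seeding structure (four small integers, hashed) is a constructed model, the constants and the SHA-256 key derivation are assumptions, and the victim values and attacker windows are made up for the demo.

```python
"""Added example (not from the original post): a generator built from strong
hashes whose output is still recoverable because its seed is assembled from a
few values an observer can narrow down. The structure mirrors the pattern
reported for Netscape 1.1 (time, pid, ppid, mixed with MD5); the mixing,
key derivation and all numbers here are constructed for illustration."""
import hashlib
import math
import struct


def seed_from_environment(seconds, micros, pid, ppid):
    """Constructed low-entropy seed: four small integers mixed with a strong
    hash. The hash is fine; the inputs are what an attacker can enumerate."""
    return hashlib.md5(struct.pack(">IIII", seconds, micros, pid, ppid)).digest()


def derive_key(seed):
    """Key material derived from the seed by a further strong hash (assumed
    construction). Also not the weak part."""
    return hashlib.sha256(seed).digest()[:16]


def search_space_bits(seconds_window, micros_window, pid_candidates, ppid_candidates):
    """Effective seed entropy: log2 of the number of distinct seed inputs an
    attacker must try. This, not the 128-bit key length, bounds the work."""
    return math.log2(seconds_window * micros_window * pid_candidates * ppid_candidates)


def recover_key(target_key, seconds_range, micros_range, pids, ppids):
    """Re-run the public generator over every candidate seed input and stop
    at the first key match. Returns ((seconds, micros, pid, ppid), attempts)
    or (None, attempts) when the target lies outside the searched window."""
    attempts = 0
    for pid in pids:
        for ppid in ppids:
            for seconds in seconds_range:
                for micros in micros_range:
                    attempts += 1
                    seed = seed_from_environment(seconds, micros, pid, ppid)
                    if derive_key(seed) == target_key:
                        return (seconds, micros, pid, ppid), attempts
    return None, attempts


# Constructed scenario (every value assumed for the demo): the victim seeded at
# a moment an observer can pin to the second from network timing, the pid is
# one of 64 recently allocated values, and the parent pid is known outright.
VICTIM_INPUTS = (844013772, 531_337, 1731, 1700)
VICTIM_KEY = derive_key(seed_from_environment(*VICTIM_INPUTS))

ATTACK_SECONDS = range(844013772, 844013773)   # known exactly
ATTACK_MICROS = range(530_000, 534_000)        # narrowed to a 4 ms window
ATTACK_PIDS = range(1700, 1764)                # 64 candidates
ATTACK_PPIDS = [1700]                          # known


def demo():
    """Run the constructed attack; returns the recovered inputs and the
    number of generator evaluations it took."""
    return recover_key(VICTIM_KEY, ATTACK_SECONDS, ATTACK_MICROS,
                       ATTACK_PIDS, ATTACK_PPIDS)


if __name__ == "__main__":
    inputs, attempts = demo()
    print("recovered seed inputs:", inputs, "after", attempts, "attempts")
    # Even with no narrowing at all (1 s, 10^6 us, 2^15 pids, 2^15 ppids)
    # the seed space is about 50 bits, far short of the 128-bit key.
    print("unnarrowed seed space: %.1f bits" % search_space_bits(1, 10**6, 2**15, 2**15))
    # A seed read from a real random source has no such structure to search.
    print("128-bit random seed:   %.1f bits" % search_space_bits(2**128, 1, 1, 1))
```

The contrast is the point of the thread: swapping MD5 for a stronger hash changes nothing here, while replacing the four guessable inputs with 128 bits from a genuine random source removes the search entirely.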