NIST and PRNGs ... er sorry DRBG
- From: tomstdenis@xxxxxxxxx
- Date: 13 Jun 2006 11:21:16 -0700
What's with NIST and the continual stream of garbage they put out?
SP 800-90 specifies random number generators ... oh sorry pseudo random
number generators ... no wait ... deterministic random bit generators!
Yes, let's not use any standard wording, that may be beneficial.
Then you look at it and they have Hash_DRBG and Cipher_DRBG and
HMAC_DRBG and EC_DRBG.... The design requires seeds be exact lengths
[seedlen], uses random constants, has two hash derive functions [hash_df
and hashgen] which do the same thing... arrg.
I get the point of the first two, but WTF is hmac_drbg for? Who wants
to use an HMAC? And what's up with the ECC stuff? Like I really want
to spend 100,000x more time per bit just so I can impress my math
prof...
Too bad the comment period is up... but I have to question how designs
like this actually get past the sanity checker. I mean John Kelsey is
someone I'd normally trust to make a good spec but this is awful.
bad!!!
Tom
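As an added example (not from Tom's post and not NIST's own reference code), here is a compact HMAC_DRBG in the SP 800-90A shape the post is arguing about: the HMAC-based Update function, Instantiate, Generate and Reseed, with the reseed interval enforced so a caller cannot run an instance indefinitely. SHA-256 is assumed as the underlying hash; the seed and nonce values are constructed for illustration only.

```python
import hmac
import hashlib

# SP 800-90A caps HMAC_DRBG at 2**48 requests between reseeds; a lower
# operational limit is chosen here to keep the demo small.
RESEED_INTERVAL = 2 ** 20


class HmacDrbg:
    """HMAC_DRBG (SP 800-90A) instantiated over SHA-256, 32-byte K and V."""

    def __init__(self, entropy: bytes, nonce: bytes = b"", personalization: bytes = b""):
        # Instantiate: K = 0x00..00, V = 0x01..01, then mix in the seed material.
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(entropy + nonce + personalization)
        self.reseed_counter = 1

    def _update(self, provided_data: bytes) -> None:
        # HMAC_DRBG_Update: one round with separator 0x00, a second with 0x01
        # only when caller data is present.
        self.K = hmac.new(self.K, self.V + b"\x00" + provided_data, hashlib.sha256).digest()
        self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()
        if provided_data:
            self.K = hmac.new(self.K, self.V + b"\x01" + provided_data, hashlib.sha256).digest()
            self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()

    def reseed(self, entropy: bytes, additional_input: bytes = b"") -> None:
        # Reseed folds fresh entropy into K/V and resets the request counter.
        self._update(entropy + additional_input)
        self.reseed_counter = 1

    def generate(self, n_bytes: int, additional_input: bytes = b"") -> bytes:
        if self.reseed_counter > RESEED_INTERVAL:
            raise RuntimeError("reseed required before further output")
        if additional_input:
            self._update(additional_input)
        out = b""
        while len(out) < n_bytes:
            # Each output block is V = HMAC(K, V); V itself is the output.
            self.V = hmac.new(self.K, self.V, hashlib.sha256).digest()
            out += self.V
        # Post-generate update so leaked output does not reveal the next K/V.
        self._update(additional_input)
        self.reseed_counter += 1
        return out[:n_bytes]
```

Unlike Hash_DRBG, this construction has no seedlen to pad to and no separate derivation function; the HMAC call does the mixing in every step.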