[129382] in cryptography@c2.net mail archive

Re: On the "randomness" of DNS

daemon@ATHENA.MIT.EDU (Ben Laurie)
Thu Jul 31 09:50:30 2008

Date: Thu, 31 Jul 2008 04:06:30 +0100
From: Ben Laurie <ben@links.org>
To: Dirk-Willem van Gulik <dirkx@webweaving.org>
CC: Pierre-Evariste Dagand <pedagand@gmail.com>, 
 cryptography@metzdowd.com
In-Reply-To: <666AE0D3-2224-4E7A-AFD1-F95ED0999123@webweaving.org>

Dirk-Willem van Gulik wrote:
> I fail to see how you could evaluate this without seeing the code (and 
> even then - I doubt that one can properly do this -- the "old" NSA habit 
> of tweaking your random generator rather than your protocol/algorithm 
> when they wanted your product upgraded to export quality - is terribly 
> effective and very hard to spot).
> 
> Or am I missing something?

I think that, in general, you are correct. However, in the case of NAT 
your adversary is not someone who is trying to guess your randomness, 
but someone who is trying to sell you their NAT gateway. In this case, 
code/silicon inspection probably suffices.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
