Re: [Cryptography] Mac OS 10.7.5 Random Numbers
daemon@ATHENA.MIT.EDU (Bill Frantz)
Mon Feb 3 00:51:02 2014
Date: Sun, 2 Feb 2014 21:44:10 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <539EAC7C-4119-473F-8599-E31CBDA190F8@me.com>
On 2/2/14 at 9:34 PM, agr@me.com (Arnold Reinhold) wrote:
>Based on the Darwin source code posted at the xnu project,
>Apple uses the SHA1 version of Yarrow with the 1999 source code
>from Counterpane essentially unchanged. This gives them a
>160-bit secret state. An obvious improvement would be to switch
>to SHA2 or SHA3 with a 256 or 512 bit state, but the Apple
>source contains this warning:
>
>"THIS FILE IS NEEDED TO PASS FIPS ACCEPTANCE FOR THE RANDOM NUMBER GENERATOR.
>IF YOU ALTER IT IN ANY WAY, WE WILL NEED TO GO THOUGH FIPS ACCEPTANCE AGAIN,
>AN OPERATION THAT IS VERY EXPENSIVE AND TIME CONSUMING. IN OTHER WORDS,
>DON'T MESS WITH THIS FILE."
>
Adding yet more evidence that FIPS standards work against
improved security. I wonder how much NSA advice had to do with
this situation.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz        | Privacy is dead, get over it. | Periwinkle
(408)356-8506      |                               | 16345 Englewood Ave
www.pwpconsult.com | - Scott McNealy               | Los Gatos, CA 95032
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography