[15882] in cryptography@c2.net mail archive
RE: Microsoft .NET PRNG (fwd)
daemon@ATHENA.MIT.EDU (Anton Stiglic)
Tue Aug 10 12:24:14 2004
X-Original-To: cryptography@metzdowd.com
From: "Anton Stiglic" <astiglic@okiok.com>
To: "'J.A. Terranson'" <measl@mfn.org>
Cc: <cryptography@metzdowd.com>
Date: Mon, 9 Aug 2004 23:20:37 -0400
In-Reply-To: <20040731104757.J2483@ubzr.zsa.bet>
There is some detail in the FIPS 140 security policy of Microsoft's
cryptographic provider, for Windows XP and Windows 2000. See for example
http://csrc.nist.gov/cryptval/140-1/140sp/140sp238.pdf
where they say the RNG is based on FIPS 186 RNG using SHS. The seed is
based on the collection of a lot of data, enumerated in the security policy.

I would guess that what is written is true, lest NIST would look very bad if
someone reverse engineered the code and showed that what they certified was
wrong.

So based on that it would seem that the PRNG in recent Microsoft
cryptographic providers is o.k.
--Anton
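As an added worked example (not code from Anton's message nor from Microsoft's provider), here is the FIPS 186-2 Appendix 3.1 generator that the security policy refers to, built on the SHA-1 based G function of Appendix 3.3, in Python. The seed value and the optional q are constructed inputs; the general-purpose variant skips the mod-q step unless q is supplied.

```python
import struct

# SHA-1 initial chaining values; FIPS 186-2 Appendix 3.1 fixes t to these words.
T_INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0)
MASK160 = (1 << 160) - 1  # b = 160: XKEY and XSEED are 160-bit values

def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def sha1_compress(state, block):
    """One SHA-1 block transformation: 5-word chaining state + 64-byte block."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 80):
        w.append(_rotl(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1))
    a, b, c, d, e = state
    for i in range(80):
        if i < 20:
            f, k = (b & c) | (~b & d), 0x5A827999
        elif i < 40:
            f, k = b ^ c ^ d, 0x6ED9EBA1
        elif i < 60:
            f, k = (b & c) | (b & d) | (c & d), 0x8F1BBCDC
        else:
            f, k = b ^ c ^ d, 0xCA62C1D6
        tmp = (_rotl(a, 5) + (f & 0xFFFFFFFF) + e + k + w[i]) & 0xFFFFFFFF
        a, b, c, d, e = tmp, a, _rotl(b, 30), c, d
    return tuple((s + v) & 0xFFFFFFFF for s, v in zip(state, (a, b, c, d, e)))

def g_sha(t, c):
    """FIPS 186-2 Appendix 3.3 G(t, c): the SHA-1 transform with chaining value t
    over c zero-padded to one 512-bit block (no length padding, no finalisation)."""
    block = c.to_bytes(20, "big") + b"\x00" * 44
    out = sha1_compress(t, block)
    return int.from_bytes(struct.pack(">5I", *out), "big")

class Fips186Rng:
    """FIPS 186-2 Appendix 3.1 RNG. q=None gives the general-purpose variant
    (no reduction mod q); pass q to get x_j reduced for DSA private values."""
    def __init__(self, xkey, q=None):
        self.xkey = xkey & MASK160  # secret seed; must come from real entropy
        self.q = q

    def next(self, xseed=0):
        xval = (self.xkey + xseed) & MASK160  # optional per-call user input
        x = g_sha(T_INIT, xval)
        if self.q is not None:
            x %= self.q
        # XKEY = (1 + XKEY + x_j) mod 2^b: the state moves forward after every output
        self.xkey = (1 + self.xkey + x) & MASK160
        return x
```

`sha1_compress` can be checked against the standard SHA-1 test vectors by feeding it a fully padded block with `T_INIT` as the chaining state.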
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com