@mattblaze I mean sboxes, the constants in md4/md5/sha1/TEA, etc. always assumed if changed, security props would degrade
@mattblaze ah, so you're saying the backdoor itself has asymmetrical properties, i.e. a fast break reduces to breaking ECC itself
@mattblaze do we know enough about the ECDBRG flaw to synthesize a similar DBRG with known keys, that we can then cryptanalyze?
@dakami @mattblaze @matthew_d_green asked us to add it to crypto challenges, and it’s in set 8, but it could be a much earlier challenge.
@tqbf @mattblaze @matthew_d_green we should standardize on a variant or two (VD-ECDBRG) and document its properties.
@dakami @mattblaze @matthew_d_green Reasonable argument can be made that the sole benefit of an ECC CSPRNG is that it can be backdoored.
@tqbf @mattblaze @matthew_d_green I think they can all be backdoored, but parameter flexibility to do so is way higher in ECC.
@dakami @mattblaze @matthew_d_green You’re missing me. Point is there’s no good reason for CSPRNG to have asymmetric structure.
@tqbf @dakami @mattblaze @matthew_d_green An asymmetric CSPRNG could be useful for the key holder. But, nobody else should use it.