RT @tqbf: It’s not crazy for OpenSSL to redesign and simplify its CSPRNG. It is silly to make it MORE complicated. https://github.com/openssl/openssl/pull/3758 …
Orthogonally: of the stuff you painstakingly verified for s2n’s RNG: which map to actual security failures in real CSPRNGs?
I value our test cases ( https://github.com/awslabs/s2n/blob/master/tests/unit/s2n_random_test.c … ), and our state machine model much more highly, which tackle fork safety.
I don’t understand “if you’re doing a lot of ECDSA”. Per-record IVs, sure: little overhead except syscall. But ECDSA?
Oh yep! urandom is awful when you have 100s of threads, getrandom() better, but still slow. Handshake storms are a thing :( failover etc