RT @tqbf: It’s not crazy for OpenSSL to redesign and simplify its CSPRNG. It is silly to make it MORE complicated. https://github.com/openssl/openssl/pull/3758 …
-
-
For me the value of the formal proof is not having to repeat the millions of hours of randomness testing that has been done on AES_CTR_DRBG.
-
You’ve lost me here. Why do we need randomness testing on CTR-DRBG? Do we believe AES to be broken?
- 2 more replies
New conversation -
-
-
Test cases for fork safety make a lot of sense, and I’m fine with CTR-DRBG, but why the concern about validating the DRBG itself?
-
It's another kind of test, which effectively checks for all possible inputs, with 100% branch coverage. Sounds cool to me!
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.