I offered to PR a fork-safe DRBG that we've formally verified, but bad faith from poisonous lunatics on openssl-prng made me give up.
I think it's a different world now. Please get in touch. And I'm sorry.
Happy to go again. Is there a particularly good PR or Issue to put some observations/references/thoughts in?
I replied to the cryptography@ thread with links, proofs and rationale for the s2n design. You've been getting some undeserved hate there!
Look forward to reading your post. It wouldn't be the Internet without undeserved hate; I can handle it.
http://www.metzdowd.com/pipermail/cryptography/2017-June/032361.html … for the twitter gallery.
Orthogonally: of the stuff you painstakingly verified for s2n’s RNG: which map to actual security failures in real CSPRNGs?
I value our test cases ( https://github.com/awslabs/s2n/blob/master/tests/unit/s2n_random_test.c … ), and our state machine model much more highly, which tackle fork safety.
Test cases for fork safety make a lot of sense, and I’m fine with CTR-DRBG, but why the concern about validating the DRBG itself?
It's another kind of test, which effectively checks for all possible inputs, with 100% branch coverage. Sounds cool to me!
Traditionally this kind of testing has been expensive and unreadable. Our dual mission (beyond proving s2n) with Galois is to change that.