I'm not sure I understand the point of libraries protecting against broken PRNG. At some point there will always be an attack if a PRNG is misbehaving. During the key exchange, after X generations, etc... so what's the point of protecting against that if you can't eventually?
Replying to @cryptodavidw @lyon01_david
Saving you time. To the point that these attacks are not practical.
Replying to @jedisct1
It seems like a light "defense in depth" mechanism that is most often not going to be enough against cryptographic attacks. Things like SIV seem to target developer mistakes rather than faulty PRNG.
Replying to @cryptodavidw @lyon01_david
Preventing developer mistakes is the role of an API. Constructions protect against a potentially unsafe execution environment.
6:24 AM - 14 Nov 2017
from Paris
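The distinction drawn in the last reply (an API prevents developer mistakes; a construction survives a bad execution environment) is easiest to see by running both shapes against a PRNG that has stopped producing fresh nonces. The following is an added, self-contained example and is not code from the thread or from any library mentioned in it. It uses only the Python standard library: HMAC-SHA256 in counter mode stands in for AES-CTR, so `nonce_encrypt` has the shape of a GCM-style nonce-based AEAD and `siv_encrypt` the shape of a synthetic-IV scheme, but neither is a real AES-GCM or AES-GCM-SIV. `stuck_rng`, `DEMO_KEY` and the two plaintexts are constructed test data.

```python
"""Toy SIV vs. nonce-based AEAD under a broken nonce source (stdlib only).

HMAC-SHA256 in counter mode is the stand-in for AES-CTR; this is the
structural shape of GCM and GCM-SIV, not an implementation of either.
"""
import hashlib
import hmac

NONCE_LEN = 12
TAG_LEN = 16

# Constructed demo inputs (same length so the attacker's XOR lines up).
DEMO_KEY = b"\x01" * 32
P_KNOWN = b"PAY 0100 USD TO ALICE"
P_SECRET = b"PAY 9999 USD TO MALLY"


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive independent encryption and MAC subkeys from one master key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(key, iv || i), truncated to length."""
    blocks = [hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Scheme 1: nonce-based encrypt-then-MAC (GCM-like shape).
# The keystream depends only on (key, nonce): a repeated nonce is a two-time pad.
def nonce_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> tuple:
    ct = _xor(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return (nonce + tag, ct)


# Scheme 2: SIV shape. The IV is a MAC over (nonce, plaintext), and the
# keystream is derived from that IV, so it changes whenever the plaintext does.
# A repeated nonce therefore reveals only whether two plaintexts were equal.
def siv_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> tuple:
    siv = hmac.new(_subkey(key, b"mac"), nonce + plaintext, hashlib.sha256).digest()[:TAG_LEN]
    ct = _xor(plaintext, _keystream(_subkey(key, b"enc"), siv, len(plaintext)))
    return (siv, ct)


def siv_decrypt(key: bytes, nonce: bytes, blob: tuple) -> bytes:
    """Decrypt, then recompute the synthetic IV and reject on mismatch."""
    siv, ct = blob
    pt = _xor(ct, _keystream(_subkey(key, b"enc"), siv, len(ct)))
    expected = hmac.new(_subkey(key, b"mac"), nonce + pt, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(siv, expected):
        raise ValueError("authentication failed")
    return pt


def stuck_rng(n: int) -> bytes:
    """Constructed broken PRNG: same output every call (cloned VM, bad seeding, ...)."""
    return b"\x42" * n


def recover_with_stuck_rng(key: bytes, known_pt: bytes, secret_pt: bytes, encrypt) -> bytes:
    """Attacker view: two ciphertexts produced with nonces from stuck_rng, plus one
    known plaintext. XORing the ciphertext bodies cancels a shared keystream and
    yields known_pt XOR secret_pt; XOR with known_pt then recovers secret_pt.
    This succeeds only if both messages really used the same keystream."""
    _, c_known = encrypt(key, stuck_rng(NONCE_LEN), known_pt)
    _, c_secret = encrypt(key, stuck_rng(NONCE_LEN), secret_pt)
    return _xor(_xor(c_known, c_secret), known_pt)


if __name__ == "__main__":
    print("nonce scheme, stuck RNG:", recover_with_stuck_rng(DEMO_KEY, P_KNOWN, P_SECRET, nonce_encrypt))
    print("SIV scheme,   stuck RNG:", recover_with_stuck_rng(DEMO_KEY, P_KNOWN, P_SECRET, siv_encrypt))
    blob = siv_encrypt(DEMO_KEY, stuck_rng(NONCE_LEN), P_SECRET)
    print("SIV still authenticates:", siv_decrypt(DEMO_KEY, stuck_rng(NONCE_LEN), blob) == P_SECRET)
```

With the nonce-based shape the attack recovers `P_SECRET` outright; with the SIV shape it returns garbage, and decryption still authenticates. The residual leak of SIV is deterministic encryption: the same (key, nonce, plaintext) always yields the same output, so an observer learns when a message is repeated, which is the "not practical" rather than "impossible" trade-off the thread is about.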