I'm not sure I understand the point of libraries protecting against broken PRNG. At some point there will always be an attack if a PRNG is misbehaving. During the key exchange, after X generations, etc... so what's the point of protecting against that if you can't eventually?
“misuse” is terrible terminology, shifting the blame onto developers. “misuse resistant” can be perceived as “idiot proof”. This is terrible. The actual problem we are trying to solve is how to work around a broken PRG, or short nonces.
-
I don't think I can agree with that. In the context of a protocol, you can't save the key exchange from a bad PRNG, so SIV or other APIs would not do anything useful post-handshake. They are indeed here to protect against developer mistakes :o
-
Not everything requires a key exchange.
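The disagreement above is about what a misuse-resistant (SIV-style) AEAD actually buys you once the PRNG feeding the nonce is broken. The following is an added example, not code from any participant in the thread: it builds a toy nonce-based stream cipher and a toy synthetic-IV (SIV) construction from Python's standard hashlib/hmac only (not AES-GCM or AES-SIV; the keystream and MAC are illustrative stand-ins), then shows what an attacker gets from a repeated nonce in each case. The key, the stuck nonce and the two messages are constructed inputs.

```python
import hashlib
import hmac


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    # Toy CTR-style keystream: SHA-256(key || iv || counter) blocks.
    # Stand-in for a block cipher in counter mode; illustration only.
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + iv + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Classic nonce-based stream encryption: keystream depends only on (key, nonce),
    # so a repeated nonce reuses the keystream across messages.
    return _xor(plaintext, _keystream(key, nonce, len(plaintext)))


def siv_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    # Toy synthetic-IV construction (the SIV pattern, not AES-SIV itself):
    # IV = MAC(k_mac, nonce || plaintext); the IV then seeds the keystream and
    # doubles as the authentication tag. Output is IV || ciphertext body.
    k_mac, k_enc = key[:16], key[16:]
    iv = hmac.new(k_mac, nonce + plaintext, hashlib.sha256).digest()[:16]
    return iv + _xor(plaintext, _keystream(k_enc, iv, len(plaintext)))


def siv_decrypt(key: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    k_mac, k_enc = key[:16], key[16:]
    iv, body = ciphertext[:16], ciphertext[16:]
    plaintext = _xor(body, _keystream(k_enc, iv, len(body)))
    expected = hmac.new(k_mac, nonce + plaintext, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(iv, expected):
        raise ValueError("authentication failed")
    return plaintext


def xor_of_ciphertexts(c1: bytes, c2: bytes) -> bytes:
    # Attacker's view: for ctr_encrypt under a repeated (key, nonce) the keystream
    # cancels and c1 ^ c2 == p1 ^ p2, which is enough to peel one message off the other.
    return _xor(c1, c2)


def demo() -> dict:
    # Constructed inputs: a fixed key and a nonce that never changes, i.e. the
    # "stuck PRNG" situation the thread is arguing about.
    key = bytes(range(32))
    stuck_nonce = b"\x00" * 12
    p1 = b"ATTACK AT DAWN!!"
    p2 = b"RETREAT AT DUSK!"

    # Nonce-based mode: nonce reuse leaks p1 ^ p2, and knowing p1 reveals p2 outright.
    c1 = ctr_encrypt(key, stuck_nonce, p1)
    c2 = ctr_encrypt(key, stuck_nonce, p2)
    leak = xor_of_ciphertexts(c1, c2)

    # SIV: the IV is derived from the message, so the two keystreams are unrelated
    # and c1 ^ c2 says nothing about p1 ^ p2. The one remaining leak is that
    # encrypting the identical message twice yields the identical ciphertext.
    s1 = siv_encrypt(key, stuck_nonce, p1)
    s2 = siv_encrypt(key, stuck_nonce, p2)
    siv_leak = xor_of_ciphertexts(s1[16:], s2[16:])

    tampered = s1[:-1] + bytes([s1[-1] ^ 0x01])
    try:
        siv_decrypt(key, stuck_nonce, tampered)
        rejects_tamper = False
    except ValueError:
        rejects_tamper = True

    return {
        "ctr_nonce_reuse_leaks_xor": leak == _xor(p1, p2),
        "ctr_known_plaintext_recovers_other": _xor(leak, p1) == p2,
        "siv_nonce_reuse_leaks_xor": siv_leak == _xor(p1, p2),
        "siv_same_message_repeats": siv_encrypt(key, stuck_nonce, p1) == s1,
        "siv_roundtrip": siv_decrypt(key, stuck_nonce, s1) == p1,
        "siv_rejects_tamper": rejects_tamper,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The point this makes concrete: SIV does not repair the PRNG, and it cannot protect a key that was itself generated from bad randomness. What it does is turn a repeated nonce from "keystream reuse, plaintexts recoverable" into "identical messages are detectable as identical", which is the bounded loss both sides of the thread are describing from different angles.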