I'm not sure I understand the point of libraries protecting against broken PRNG. At some point there will always be an attack if a PRNG is misbehaving. During the key exchange, after X generations, etc... so what's the point of protecting against that if you can't eventually?
Replying to @cryptodavidw @lyon01_david
Saving you time. To the point that these attacks are not practical.
Replying to @jedisct1
It seems like a light "defense in depth" mechanism that is most often not going to be enough against cryptographic attacks. Things like SIV seem to target developer mistakes rather than faulty PRNG.
Replying to @cryptodavidw @lyon01_david
If the hardware has no persistent memory, no clock, no source of entropy, give developers solutions. Even if they are not optimal. Don’t blame developers for “mistakes”.
Replying to @jedisct1 @lyon01_david
“misuse” is a terrible terminology, rejecting the fault on developers. “misuse resistant” can be perceived as “idiot proof”. This is terrible. The actual problem we are trying to solve is how to work around a broken PRG, or short nonces.
Replying to @jedisct1
I don't think I can agree with that. In the context of a protocol, you can't save the key exchange from a bad PRNG, so SIV or other APIs would not do anything useful post-handshake. They are indeed here to protect against developer mistakes :o
Everything doesn’t require key exchange.
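The nonce-reuse behaviour the thread is arguing about, as an added example that is not part of the thread and not any library's code: a toy stream-cipher-shaped AEAD (CTR keystream plus MAC, the shape of GCM or ChaCha20-Poly1305) next to a toy SIV-shaped AEAD (the IV is a MAC over nonce and plaintext and doubles as the tag). Both are built from HMAC-SHA256 so the script runs with the Python standard library alone; this is not AES-SIV from RFC 5297, and the key, the "stuck PRNG" nonce and the two messages are constructed values. With the same nonce handed out twice, the nonce-based scheme leaks the XOR of the two plaintexts, while the SIV-shaped scheme leaks only whether the two plaintexts were identical.

```python
"""Toy nonce-based AEAD vs. toy SIV-style AEAD under nonce reuse.

Added example, not code from the thread. HMAC-SHA256 stands in for the
block cipher / PRF so the script needs only the standard library; this
is NOT AES-SIV (RFC 5297) and is for illustration only.
"""
import hashlib
import hmac

# Constructed demo values (a 64-byte key split into enc/mac halves).
KEY = hashlib.sha512(b"constructed demo key, not random").digest()
FIXED_NONCE = bytes(12)            # what a stuck PRNG hands out every time
M1 = b"attack at dawn!"
M2 = b"retreat at noon"            # same length as M1 on purpose


def _keystream(enc_key: bytes, iv: bytes, length: int) -> bytes:
    """Counter-mode keystream: PRF(enc_key, iv || counter), truncated to length."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, iv + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_nonce_based(key: bytes, nonce: bytes, plaintext: bytes):
    """Stream-cipher shape (CTR + MAC): the keystream depends only on
    (key, nonce), so a repeated nonce repeats the keystream."""
    enc_key, mac_key = key[:32], key[32:]
    ct = _xor(plaintext, _keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:16]
    return ct, tag


def encrypt_siv(key: bytes, nonce: bytes, plaintext: bytes):
    """SIV shape: the IV is a MAC over (nonce, plaintext) and doubles as the
    tag. A repeated nonce with a different plaintext still gives a fresh IV."""
    enc_key, mac_key = key[:32], key[32:]
    iv = hmac.new(mac_key, nonce + plaintext, hashlib.sha256).digest()[:16]
    ct = _xor(plaintext, _keystream(enc_key, iv, len(plaintext)))
    return iv, ct


def decrypt_siv(key: bytes, nonce: bytes, iv: bytes, ct: bytes) -> bytes:
    """Decrypt, then recompute the synthetic IV and compare in constant time."""
    enc_key, mac_key = key[:32], key[32:]
    pt = _xor(ct, _keystream(enc_key, iv, len(ct)))
    expected = hmac.new(mac_key, nonce + pt, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(expected, iv):
        raise ValueError("authentication failed")
    return pt


def nonce_reuse_leak(key: bytes, nonce: bytes, m1: bytes, m2: bytes):
    """Encrypt m1 and m2 under the SAME nonce with both schemes and report
    whether c1 XOR c2 == m1 XOR m2, i.e. whether the keystream cancelled out."""
    c1, _ = encrypt_nonce_based(key, nonce, m1)
    c2, _ = encrypt_nonce_based(key, nonce, m2)
    leak_nonce_based = _xor(c1, c2) == _xor(m1, m2)

    _, s1 = encrypt_siv(key, nonce, m1)
    _, s2 = encrypt_siv(key, nonce, m2)
    leak_siv = _xor(s1, s2) == _xor(m1, m2)
    return leak_nonce_based, leak_siv


def siv_reveals_equality(key: bytes, nonce: bytes, m: bytes) -> bool:
    """The one thing SIV does give away under nonce reuse: identical
    (nonce, plaintext) pairs produce identical ciphertexts."""
    return encrypt_siv(key, nonce, m) == encrypt_siv(key, nonce, m)


def siv_rejects_tampering(key: bytes, nonce: bytes, m: bytes) -> bool:
    """Flip one ciphertext bit and confirm the synthetic IV no longer verifies."""
    iv, ct = encrypt_siv(key, nonce, m)
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]
    try:
        decrypt_siv(key, nonce, iv, tampered)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    leak_ctr, leak_siv = nonce_reuse_leak(KEY, FIXED_NONCE, M1, M2)
    print("nonce-based scheme leaks m1 XOR m2:", leak_ctr)
    print("SIV-style scheme leaks m1 XOR m2:  ", leak_siv)
    print("SIV-style scheme reveals equality: ", siv_reveals_equality(KEY, FIXED_NONCE, M1))
```

The example only shows the symmetric, post-handshake part of the argument: what the encryption layer gives up when the nonce source is stuck. It does nothing for a key exchange whose private key came from the same broken PRNG, which is the point made above about the handshake.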