Re: Netscape's purported RNG

• To: jis@mit.edu (Jeffrey I. Schiller)
• Subject: Re: Netscape's purported RNG
• From: Adam Shostack <adam@bwh.harvard.edu>
• Date: Fri, 22 Sep 1995 17:54:43 -0400 (EDT)
• Cc: des@ebt.com, www-security@ns2.rutgers.edu
• In-Reply-To: <ac886c8901021004e728@[18.162.1.1]> from "Jeffrey I. Schiller" at Sep 22, 95 09:39:19 am

Jeff wrote:

| At 8:35 9/21/95, Don Stinchfield wrote:
| >Instead of dicsussing internal mechanisms for providing high quality
| >products I think we should be discussing external mechanisms
| >for proving the security claims of a product.  I'm not sure how difficult
| >this may be but a set of conformance tests could be created (?) that can
| >be used to verify that a product has achieved its desired security level.

| Turns out you cannot do this for security, or more specifically for testing
| cryptographic algorithms and for analyzing random number generators.

	While it might be difficult to do this automatically, it is
possible for a code review to pick up on things like this.  Ross
Anderson has written some excellent papers (Robustness Principles for
Public Key Protocols (Crypto '95), Why Cryptosystems Fail (CACM Nov
94) and others).

	I think there would be a value to a 'Good Security coding'
seal of approval, implemented by people reviewing code for a price.

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

• Re: Netscape's purported RNG
• From: jis@mit.edu (Jeffrey I. Schiller)

• Previous: Netscape etc
• Next: Re: What's the netscape problem
• Index(es):
  • Index
  • Thread