Mettez-vous hors ligne avec l'application Player FM !
'Jerry Solinas deserves a raise' with Steve Weis
Manage episode 379539079 series 2956114
We explore how the NIST curve parameter seeds were generated, as best we can, with returning champion Steve Weis!
“At the point where we find an intelligible English string that generates the
NIST P-curve seeds, nobody serious is going to take the seed provenance concerns seriously anymore.”
Transcript: https://securitycryptographywhatever.com/2023/10/12/the-nist-curves
Links:
- Steve’s post: https://saweis.net/posts/nist-curve-seed-origins.html
- ANSI X9.62 ECDSA: https://safecurves.cr.yp.to/grouper.ieee.org/groups/1363/private/x9-62-09-20-98.pdf / FIPS 186-2 https://csrc.nist.gov/files/pubs/fips/186-2/final/docs/fips186-2.pdf
- “A RIDDLE WRAPPED IN AN ENIGMA”: https://eprint.iacr.org/2015/1018.pdf
- https://arstechnica.com/information-technology/2015/01/nsa-official-support-of-backdoored-dual_ec_drbg-was-regrettable/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-institute-of-standards-and-technology-78756/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-security-agency-78755/
- Filippo’s bounty: https://words.filippo.io/dispatches/seeds-bounty/
- Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters - NIST 800-186 with Curve25519 and friends
- RFC 8422: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier
- https://www.rfc-editor.org/rfc/rfc4492#section-6
- https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/
- https://en.wikipedia.org/wiki/Bullrun_(decryption_program)
- https://en.wikipedia.org/wiki/BSAFE
- https://sockpuppet.org/blog/2015/08/04/is-extended-random-malicious/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
41 episodes
Manage episode 379539079 series 2956114
We explore how the NIST curve parameter seeds were generated, as best we can, with returning champion Steve Weis!
“At the point where we find an intelligible English string that generates the
NIST P-curve seeds, nobody serious is going to take the seed provenance concerns seriously anymore.”
Transcript: https://securitycryptographywhatever.com/2023/10/12/the-nist-curves
Links:
- Steve’s post: https://saweis.net/posts/nist-curve-seed-origins.html
- ANSI X9.62 ECDSA: https://safecurves.cr.yp.to/grouper.ieee.org/groups/1363/private/x9-62-09-20-98.pdf / FIPS 186-2 https://csrc.nist.gov/files/pubs/fips/186-2/final/docs/fips186-2.pdf
- “A RIDDLE WRAPPED IN AN ENIGMA”: https://eprint.iacr.org/2015/1018.pdf
- https://arstechnica.com/information-technology/2015/01/nsa-official-support-of-backdoored-dual_ec_drbg-was-regrettable/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-institute-of-standards-and-technology-78756/
- https://www.muckrock.com/foi/united-states-of-america-10/origin-of-fips-186-4-elliptic-curves-over-prime-field-seed-parameters-national-security-agency-78755/
- Filippo’s bounty: https://words.filippo.io/dispatches/seeds-bounty/
- Recommendations for Discrete Logarithm-based Cryptography: Elliptic Curve Domain Parameters - NIST 800-186 with Curve25519 and friends
- RFC 8422: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier
- https://www.rfc-editor.org/rfc/rfc4492#section-6
- https://blog.cryptographyengineering.com/2017/12/19/the-strange-story-of-extended-random/
- https://en.wikipedia.org/wiki/Bullrun_(decryption_program)
- https://en.wikipedia.org/wiki/BSAFE
- https://sockpuppet.org/blog/2015/08/04/is-extended-random-malicious/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
41 episodes
Tous les épisodes
×Bienvenue sur Lecteur FM!
Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.