
kmip message


Subject: Various RNG proposals

Documents reviewed:


Comment on kmip-rng-base-wd01:

Draft NIST SP800-90C specifies two constructions for NRBGs: XOR and oversampling. Can we add an NRBG construction field enumeration to the RNG Parameters structure to identify these construction types?

General comments on RNG support and usage in KMIP:

Whilst I think that each of these proposals has merit and is beginning to partially address some of the issues that I have raised before, I do not believe that they go far enough. They do not address the most serious issue: the proposed cryptographic services for the 1.2 standard support implementations that allow any client to seed an RNG used by the server, and all other clients. The standard does not encourage, recommend, or require secure random implementations.

At the very least, Usage Guide documentation should identify this issue, and discourage implementations that allow these RNG side channel attacks. As a next step, there should be a separate profile for each random reseed behaviour that a server can implement. Best of all, require independent random instances that do not leak information between clients, or clients and server.


John Leiseboer                          QuintessenceLabs Pty Ltd
Chief Technology Officer                Suite 23, Physics Building #38
Phone:  +61 7 5494 9291 (Qld)           Science Road
Phone:  +61 2 6125 9498 (ACT)           Australian National University
Mobile: +61 409 487 510                 Acton ACT 0200
Fax:    +61 2 6125 7180                 AUSTRALIA
Email:  JL@quintessencelabs.com         www.quintessencelabs.com
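The seeding concern raised in this message, as an added example that is not part of the message or of any KMIP proposal: a toy model of a server whose single DRBG any client may reseed, beside one that keeps an independent instance per client, plus a check an implementer can run to confirm that seed material supplied by one client never changes what another client receives. `RngServer`, `entropy` and the minimal HMAC_DRBG are hypothetical constructions for this example only.

```python
import hashlib, hmac

class HmacDrbg:
    """Minimal SP 800-90A HMAC_DRBG (SHA-256); toy: no health tests or reseed counter."""
    def __init__(self, seed: bytes) -> None:
        self.k, self.v = b"\x00" * 32, b"\x01" * 32
        self.update(seed)
    def update(self, data: bytes) -> None:  # HMAC_DRBG_Update; also used for reseed
        for tag in (b"\x00", b"\x01"):
            self.k = hmac.new(self.k, self.v + tag + data, hashlib.sha256).digest()
            self.v = hmac.new(self.k, self.v, hashlib.sha256).digest()
            if not data:
                break
    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.v = hmac.new(self.k, self.v, hashlib.sha256).digest()
            out += self.v
        self.update(b"")
        return out[:n]

def entropy(label: str) -> bytes:
    # Constructed, deterministic stand-in for an entropy source so two runs compare; NOT secure.
    return hashlib.sha256(b"constructed-entropy:" + label.encode()).digest()

class RngServer:
    """Hypothetical KMIP-like server. isolated=False: one DRBG shared by every client and
    reseedable by any of them (the design objected to). isolated=True: one DRBG per client."""
    def __init__(self, isolated: bool) -> None:
        self.isolated = isolated
        self.shared = HmacDrbg(entropy("server"))
        self.per_client = {}
    def _rng(self, client: str) -> HmacDrbg:
        if not self.isolated:
            return self.shared
        return self.per_client.setdefault(client, HmacDrbg(entropy(client)))
    def seed(self, client: str, material: bytes) -> None:  # client-supplied reseed
        self._rng(client).update(material)
    def random(self, client: str, n: int) -> bytes:
        return self._rng(client).generate(n)

def peer_seed_affects_output(isolated: bool) -> bool:
    """True if seed material supplied by client B changes the bytes client A receives."""
    def a_bytes(b_seeds: bool) -> bytes:
        srv = RngServer(isolated)
        if b_seeds:
            srv.seed("client-B", b"material chosen by client B")
        return srv.random("client-A", 32)
    return a_bytes(False) != a_bytes(True)
```

With the shared instance the check reports coupling between clients; with per-client instances it does not, which is the property a profile requiring independent random instances would have to test for.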
