[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The Fortezza random number generator is not trustworthy

To: [email protected]
Subject: Re: The Fortezza random number generator is not trustworthy
From: Eric Blossom <[email protected]>
Date: Tue, 26 Sep 1995 14:56:54 -0700
Cc: [email protected], [email protected]
In-Reply-To: <[email protected]> (message from Bill Stewart on Sat, 23 Sep 1995 15:52:30 -0700)
Sender: [email protected]

> On a technical note, I would have thought that Fortezza and/or CAPSTONE used
> some sort of hardware RNG, i.e. noisy Zener diodes or whatever.  I've seen it
> mentioned on this list that some other NSA secure phones, such as STU-III,
> do that.

I was under the impression that a seed for the RNG is loaded into the
Fortezza at initialization time.  This would make me think that they
are using a cryptographically strong PRNG.  This would give data that
appears random, but is completely determined by the initial state.

I suspect that the "seed keys" provided by the two agencies used to
program the Clipper chips has the same properties.  This makes the
question about how does the NSA get access to the key escrow database
moot.  They don't need access.  They know a priori all the unit keys.

Follow-Ups:
- Re: The Fortezza random number generator is not trustworthy
  - From: [email protected]

References:
- Re: The Fortezza random number generator is not trustworthy
  - From: Bill Stewart <[email protected]>

Prev by Date: Re: WSJ on Netscape Hole 3
Next by Date: Internet draft on MIME/PGP
Prev by thread: Re: The Fortezza random number generator is not trustworthy
Next by thread: Re: The Fortezza random number generator is not trustworthy
Index(es):
- Date
- Thread