Hacker News
by TacticalCoder 678 days ago
> They're changing apt to refuse to download from repositories signed using NIST curves, for instance.
>
> This doesn't make a whole lot of sense unless you think the NSA have an unknown backdoor...

It's "only" a CSPRNG (Cryptographically INsecure PRNG in this case) but the NIST recommending a backdoored curve in the past is an undisputable fact.

So I don't think it's that nonsensical to go for something simple like 2^255 - 19.

https://en.wikipedia.org/wiki/Dual_EC_DRBG

1 comments

I don't think you should be using words like "undisputable fact" in this thread, because Dual EC isn't a curve; it's a construction that uses curves.