[IPP] Fwd: [Cfrg] RFC 8937 on Randomness Improvements for Security Protocols

[IPP] Fwd: [Cfrg] RFC 8937 on Randomness Improvements for Security Protocols

Ira McDonald blueroofmusic at gmail.com
Sun Oct 18 17:35:11 UTC 2020


---------- Forwarded message ---------
From: <rfc-editor at rfc-editor.org>
Date: Sat, Oct 17, 2020 at 8:36 AM
Subject: [Cfrg] RFC 8937 on Randomness Improvements for Security Protocols
To: <ietf-announce at ietf.org>, <rfc-dist at rfc-editor.org>, <
irtf-announce at irtf.org>
Cc: <drafts-update-ref at iana.org>, <cfrg at irtf.org>, <
rfc-editor at rfc-editor.org>

A new Request for Comments is now available in online RFC libraries.

        RFC 8937

        Title:      Randomness Improvements for Security Protocols
        Author:     C. Cremers,
                    L. Garratt,
                    S. Smyshlyaev,
                    N. Sullivan,
                    C. Wood
        Status:     Informational
        Stream:     IRTF
        Date:       October 2020
        Mailbox:    cremers at cispa.saarland,
                    lgarratt at cisco.com,
                    svs at cryptopro.ru,
                    nick at cloudflare.com,
                    caw at heapingbits.net
        Pages:      9
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-irtf-cfrg-randomness-improvements-14.txt

        URL:        https://www.rfc-editor.org/info/rfc8937

        DOI:        10.17487/RFC8937

Randomness is a crucial ingredient for Transport Layer Security (TLS)
and related security protocols.  Weak or predictable
"cryptographically secure" pseudorandom number generators (CSPRNGs)
can be abused or exploited for malicious purposes. An initial entropy
source that seeds a CSPRNG might be weak or broken as well, which can
also lead to critical and systemic security problems. This document
describes a way for security protocol implementations to augment
their CSPRNGs using long-term private keys. This improves randomness
from broken or otherwise subverted CSPRNGs.

This document is a product of the Crypto Forum Research Group (CFRG)
in the IRTF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce
lists.To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
  https://www.irtf.org/mailman/listinfo/irtf-announce

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
Cfrg mailing list
Cfrg at irtf.org
https://www.irtf.org/mailman/listinfo/cfrg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20201018/f39fb89d/attachment.html>


More information about the ipp mailing list