Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Good and Bad Crypto



> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Derek Martin
> 
> Or... unless the NSA or some other organization has
> paid off the vendor to intentionally include weaknesses for them to
> exploit.  

If I give you a library that implements something like SHA1, it has a well defined deterministic behavior.  For any given input, it must produce a predetermined output, deterministically.  Please explain how it's possible to intentionally include a weakness into closed source implementation of this, and *not* equally possible to include such a weakness into an open source implementation.  Please provide an answer which doesn't include "Everybody should read and compile everything for themselves."



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org