Techly NewsGet the app

Get the latest tech news

Attacking NIST SP 800-108 (Loss of Key Control Security)


If you’ve never heard of NIST SP 800-108 before, or NIST Special Publications in general, here’s a quick primer: Special Publications are a type of publication issued by NIST. Specifica…

Specifically, the SP 800-series reports on the Information Technology Laboratory’s research, guidelines, and outreach efforts in computer security, and its collaborative activities with industry, government, and academic organizations. Because KDFs are thought of as PRFs, but stronger, it seems perfectly reasonable that you could use KDF() in a setup where multiple inputs are provided, each from a different party, and the output would always be uniformly random. The public comments and Appendix B on the NIST document describe the actual steps of computing to force a chosen , which involve manipulating the structure of to achieve this result.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of loss

loss

Photo of NIST

NIST

Photo of key control security

key control security

Related news:

News photo

The NIST Finally Hires a Contractor to Manage CVEs

News photo

NIST turns to IT consultants to clear National Vulnerability Database backlog

News photo

Loss of nearly a full decade of information from early days of Chinese internet

« Cracking the Scheduling Code in Hay Day
Show HN: E-Paper 7-color display showing the current weather »