Security News > 2017 > August > Proof that HMAC-DRBG has No Back Doors (Schneier on Security)

New research: "Verified Correctness and Security of mbedTLS HMAC-DRBG," by Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, and Andrew W. Appel. Abstract: We have formalized the functional specification of HMAC-DRBG (NIST 800-90A), and we have proved its cryptographic security -- that its output is pseudorandom -- using a hybrid game-based proof. We have also proved that...

News URL

https://www.schneier.com/blog/archives/2017/08/proof_that_hmac.html