"Mike Marlow" writes:
Han wrote:


Well, in my book, you can brainstorm an idea, formulate a(n)
hypothesis, perform experiments trying to prove the hypothesis, and
if supported formulate a theory. Then once totally vetted, tested,
and pulled through the wringer, if nothing untowards appears, it
becomes "law". Even then you need to be careful, as shown by the
recent instance of (not so) random number generation in the RSA
algorithm involved in money transactions via the internet.

I agree.


To be more precise, the recent issue with RSA factoring related to
weak PRNG implementations was primarily limited to embedded devices
such as routers and gateways. None of the factorable (and they used
a rather clever method using GCD to factor the keys) keys were associated
with any major website, or with any key signed by a trusted certification
authority (e.g. verisign et. al.). It seems the bulk of the bad keys were
generated on embedded devices, when first powered on, when the PRNG hadn't
had enough entropy to guarantee randomness.