On Tue, 16 Dec 2008, mhey...@gmail.com wrote:
On Thu, Dec 11, 2008 at 8:42 PM, Damien Miller d...@mindrot.org wrote:
On Thu, 11 Dec 2008, James A. Donald wrote:
If one uses a higher resolution counter - sub
microsecond - and times multiple disk accesses, one gets
true physical
StealthMonger stealthmon...@nym.mixmin.net writes:
Connection-based communication such as Skype and OTR do not provide this
capability. The hop by hop store-and-forward email network does. This is not
busted or wrong. It's essential.
... to a statistically irrelevant bunch of geeks. Watch
On Dec 16, 2008, at 12:10 PM, Simon Josefsson wrote:
...I agree with your recommendation to write an AES key to devices at
manufacturing time. However it always comes with costs, including:
1) The cost of improving the manufacture process sufficiently well to
make it unlikely that compromised
On Dec 16, 2008, at 4:22 PM, Charles Jackson wrote:
I probably should not be commenting, not being a real device guy.
But,
variations in temperature and time could be expected to change SSD
timing.
Temperature changes will probably change the power supply voltages
and shift
some of the
Jerry Leichter leich...@lrw.com writes:
SSD's are complicated devices.
Complexity makes it hard to understand the security characteristics of
relying on the timing of the devices.
So ... use with extreme caution. Estimate conservatively. Mix any
apparent entropy you get with other sources.
On Wed, 17 Dec 2008 13:02:58 -0500
Jerry Leichter leich...@lrw.com wrote:
On Dec 16, 2008, at 4:22 PM, Charles Jackson wrote:
I probably should not be commenting, not being a real device guy.
But,
variations in temperature and time could be expected to change SSD
timing.
I'd like to expand on a point I made a little while ago about the
just throw everything at it, and hope the good sources drown out the
bad ones entropy collection strategy.
The biggest problem in security systems isn't whether you're using 128
bit or 256 bit AES keys or similar trivia. The
Bill Frantz fra...@pwpconsult.com writes:
I find myself in this situation with a design I'm working on. I have an ARM
chip, where each chip has two unique numbers burned into the chip for a total
of 160 bits. I don't think I can really depend on these numbers being secret,
since the chip
-Michael Heyman
Wrote:
Before we give up on using drive timings [as an entropy source], does anyone
have evidence to
verify this assertion [that SSD drives will have much less variation in
read/write timing]? The reviews I have seen using tools like HD
Tune and HD Tach seem to show timing noise
=?ISO-8859-1?Q?Joachim_Str=F6mbergson?= joac...@strombergson.com writes:
Damien Miller wrote:
Until someone runs your software on a SSD instead of a HDD. Oops.
That is a very good observation. I would bet loads of GM stocks that very few
people realise that moving from 0ld sk00l HDD to SSD would
On Dec 15, 2008, at 2:28 PM, Joachim Strömbergson wrote:
...One could probably do a similar comparison to the increasingly
popular
idea of building virtual LANs to connect your virtualized server
running
on the same physical host. Ethernet frame reception time variance as
well as other real
On Tue, Dec 16, 2008 at 03:06:04AM +, StealthMonger wrote:
Alec Muffett alec.muff...@sun.com writes:
In the world of e-mail the problem is that the end-user inherits a
blob of data which was encrypted in order to defend the message as it
passes hop by hop over the store-and-forward
12 matches
Mail list logo