At 01:49 PM 7/25/99 -0700, David Wagner wrote:
> > One nice advantage of using RC4 as a nonce generator is that you can easily
> > switch back and forth between key setup and code byte generation. You can
> > even do both at the same time. (There is no need to reset the index
> > variables.) This allows you to intersperse entropy deposits and withdrawals
> > at will.
Arnold G. Reinhold <[EMAIL PROTECTED]> wrote:
> Oh dear! This suggestion worries me.
> Is it reasonable to expect this arrangement to be secure
> against e.g. chosen-entropy attacks?
Yes: If the attacker knows exactly when the packets arrive (which he
cannot) this cannot give him any additional knowledge about the state.
The worst case is that the attacker does not lose any information.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
GwzRjnRrKYJu2r1GIGDbMcu4BUlTzkvCgsPsse1R
4zW/Nuta5TAkUWJiaYK+pxqBFNK6i8MzCczPKz24u
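
An added illustration of the arrangement discussed in this message (not code from the thread or from any participant): an RC4-style pool whose deposits and withdrawals share the indices i and j without resetting them. It shows that, for any fixed input, a deposit is an invertible map on the pool state, so a chosen input cannot collapse distinct states into one. The class name, the step ordering in `deposit()`, the `undeposit()` helper and the sample inputs are assumptions made for this example.

```python
class RC4Pool:
    """RC4-style pool; deposits and withdrawals share the indices i and j."""

    def __init__(self):
        self.S = list(range(256))
        self.i = 0
        self.j = 0

    def _swap(self):
        S, i, j = self.S, self.i, self.j
        S[i], S[j] = S[j], S[i]

    def deposit(self, data: bytes) -> None:
        # Key-setup style step: each input byte steers j, then S[i] and S[j] swap.
        for b in data:
            self.i = (self.i + 1) % 256
            self.j = (self.j + self.S[self.i] + b) % 256
            self._swap()

    def undeposit(self, data: bytes) -> None:
        # Exact inverse of deposit() for the same bytes, applied in reverse order.
        for b in reversed(data):
            self._swap()
            self.j = (self.j - self.S[self.i] - b) % 256
            self.i = (self.i - 1) % 256

    def withdraw(self, n: int) -> bytes:
        # Output step of RC4, continuing from wherever i and j currently are.
        out = bytearray()
        for _ in range(n):
            self.i = (self.i + 1) % 256
            self.j = (self.j + self.S[self.i]) % 256
            self._swap()
            out.append(self.S[(self.S[self.i] + self.S[self.j]) % 256])
        return bytes(out)

    def state(self):
        return (tuple(self.S), self.i, self.j)


def demo():
    pool = RC4Pool()
    pool.deposit(b"constructed seed material" * 11)  # constructed sample, 275 bytes
    pool.withdraw(32)                                # interleaved withdrawal
    before = pool.state()
    chosen = b"attacker-chosen input"                # constructed sample
    pool.deposit(chosen)
    changed = pool.state() != before
    pool.undeposit(chosen)                           # undo the chosen deposit
    return changed, pool.state() == before
```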
