At 2:24 AM -0400 8/30/00, Mark Murray wrote:
>> Would a public PRNG (Yarrow?) server be of any use? I suppose it could be
>> done as a proof-of-concept, or as another source of entropy for an internal
>> PRNG... and the trust issue could be dealt with just as you deal with the
>> Intel PRNG. IMO, the bandwidth would be the limitation here; an intranet
>> (LAN) PRNG might be better.
>
>You'd need to protect the numbers thus served; they'd be no use if
>an ethernet snooper could pick them up, so the distribution channel
>should be at least encrypted. (SSH and SSL could both be used).
>
>> I'm asking this because I think that a big problem with PRNGs is that the
>> application is the more difficult part - securing the seed file, making sure
>> the entropy into the system is correct, and any other issues I can't think
>> of right now. It would be easier to set them up *correctly* on one computer
>> than on many, and at most the randomness-demanding applications on the
>> client computers could "fall back" on the server.
>
>Interesting idea! You could take it further and put some decent hardware
>RNG(s) on the server as well.

John Walker has had PRNs on the Net for a number of years.
Interesting as a curiosity, but not very useful from a security point
of view.

(Calculate the approximate number of bits of entropy in a "real"
stream of, say, a few hundred locally-generated bits vs. the number
of bits of entropy in the stream that is "Walker's bits beginning at
11:18:52 GMT." No comparison.)

--Tim May
--
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
"Cyphernomicon" | black markets, collapse of governments.