Re: randomdev entropy gathering is really weak

[Mark Murray]

> People have tried for 30+ years to predict what a quartz xtal
> will do next.  Nobody expects any chance of success.  Add to this
> the need to predict the difference between one or more NTP servers
> and your local qartz xtal and I think we can safely say "impossible".

You can't predict this, but you can _measure_ it with a degree of
accuracy. The attacker can use this accuracy to reduce the number
of tries in his attack.

> >I think we first need to figure out the security implications.
> 
> I think the security implications of having no entropy are much
> worse than having entropy which a truly superhuman *maybe* could
> guess *some* of the bits in, are far worse.

Yarrow addresses this problem; even if the attacker does manage to
get the internal state, Yarrow will revover.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message