Re: linux-ipsec: /dev/random

1999-08-06 Thread Bill Stewart
>At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
>>What we need is a minimum of ONE decent quality additional
>>entropy source, one that works for diskless IPSEC boxes.

That's unfortunately outside the scope of IPSec :-) If you don't have random number hardware, you can't get hardware random number

Re: linux-ipsec: /dev/random

1999-08-04 Thread John Denker
At 11:42 AM 8/4/99 -0400, D. Hugh Redelmeier wrote:
>
>Pluto is a "bad guy" in that it is using up the entropy-estimate.

Your modesty is charming. But I wouldn't say that pluto is the bad guy. There "ought" to be a system service (call it /dev/vrandom or whatever) that provides the sort of bit

Re: linux-ipsec: /dev/random

1999-08-04 Thread Bill Frantz
At 12:35 PM -0700 8/2/99, John Denker wrote:
>2) Network timing may be subject to observation and possibly manipulation
>by the attacker. My real-time clocks are pretty coarse (10ms resolution).
>This subthread started with a discussion of software to estimate the
>entropy of a bitstream, and I s

Re: linux-ipsec: /dev/random

1999-08-04 Thread John Denker
At 10:08 AM 8/4/99 -0400, D. Hugh Redelmeier wrote:
>
>I think that this description reflects an inappropriate understanding
>of entropy. Entropy is in some sense spread throughout the whole
>output of /dev/urandom. You don't use entropy up, you spread it over
>more and more bytes of output. Th

Re: linux-ipsec: /dev/random

1999-08-03 Thread Anonymous
John> The point is that there are a lot of customers out there who
John> aren't ready to run out and acquire the well-designed hardware
John> TRNG that you alluded to. So we need to think carefully about
John> the gray area between the strong-but-really-expensive solution
John> and the cheap

Re: linux-ipsec: /dev/random

1999-08-03 Thread Paul Koning
> "John" == John Denker <[EMAIL PROTECTED]> writes:

John> At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
 >> I only remember a few proposals (2 or 3?) and they didn't seem to
 >> be [unduly weak]. Or do you feel that what I've proposed is this
 >> weak? If so, why? I've seen comments that

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
>
>I only remember a few proposals (2 or 3?) and they didn't seem to be
>[unduly weak]. Or do you feel that what I've proposed is this
>weak? If so, why? I've seen comments that say "be careful" but I
>don't remember any comments suggesting that what

Re: linux-ipsec: /dev/random

1999-08-03 Thread Paul Koning
> "John" == John Denker <[EMAIL PROTECTED]> writes:

 >> Sure, you can do cat /dev/zero | md5sum > /dev/random, but I don't
 >> believe anyone is proposing that as a way of feeding entropy into
 >> it.

John> That's where we might slightly disagree :-) ... I've seen some
John> pretty questio

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 01:27 PM 8/2/99 -0400, Paul Koning wrote:
>
>we weren't talking about "in principle" or "in general".
>Sure, given an unspecified process of unknown (to me) properties I
>cannot make sensible statements about its entropy. That is true but
>it isn't relevant to the discussion.
>
>Instead, we're

Re: linux-ipsec: /dev/random

1999-08-03 Thread John Denker
At 10:09 AM 8/2/99 -0400, Paul Koning wrote:
>
>1. Estimating entropy. Yes, that's the hard one. It's orthogonal
>from everything else. /dev/random has a fairly simple approach;
>Yarrow is more complex.
>
>It's not clear which is better. If there's reason to worry about the
>one in /dev/random

Re: linux-ipsec: /dev/random

1999-08-03 Thread Paul Koning
> "John" == John Denker <[EMAIL PROTECTED]> writes:

John> At 10:09 AM 8/2/99 -0400, Paul Koning wrote:
 >> 1. Estimating entropy. Yes, that's the hard one. It's
 >> orthogonal from everything else. /dev/random has a fairly simple
 >> approach; Yarrow is more complex.
 >>
 >> It's not cl