cendres at videotron.ca
Sun Mar 28 21:23:52 PST 2004
On March 28, 2004 06:36 pm, Dagmar d'Surreal wrote:
> On Sun, 2004-03-28 at 17:10, Archaic wrote:
> > On Sun, Mar 28, 2004 at 08:32:17AM -0500, Robert Connolly wrote:
> > > I also found this:
> > > http://www.vanheusden.com/aed/
> > > Based on this:
> > > http://www.mindrot.org/audio-entropyd.html
> > Due to the fact that most servers do not have soundcards, I'm wondering
> > if we should go this route. /dev/arandom sounded like a good thing,
> > though.
Like Ian said, many machines do have sound cards. Even if it used the static
from a serial socket... not all machines have serial sockets.
> There are some people who have very nasty things to say about using this
> kind of source as a seed for entropy. Basically the argument goes that
> someone able to generate a lot of RF in your area can effectively
> control your entropy pool and drastically reduce the strength of the
> generated keys.
The static is used to seed /dev/random. The kernel will still add its internal
entropy. An attack on this using radio signals can influence the random
number generator, but not control it. The code for audio-entropyd will
compare strings gathered from the sound device, and discard duplicate data
(like sound card initialization data). Even under this attack I don't see how
the random pool could be predictable.
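
A simplified model of the argument in the message above, as an added example that is not part of the original e-mail and is not audio-entropyd's or the kernel's code. `ToyPool`, the SHA-256 mixing step, `drop_duplicates` and the 16-byte block size are assumptions made for illustration; the audio blocks are constructed.

```python
import hashlib

BLOCK = 16  # constructed block size in bytes, an assumption for this sketch


def drop_duplicates(blocks):
    """Keep a block only if it has not been seen before in this run."""
    seen, kept = set(), []
    for b in blocks:
        digest = hashlib.sha256(b).digest()
        if digest in seen:
            continue  # repeated data (e.g. card initialisation) adds nothing
        seen.add(digest)
        kept.append(b)
    return kept


class ToyPool:
    """Simplified hash-based pool; not the Linux kernel's mixing function."""

    def __init__(self, internal_entropy: bytes):
        self.state = hashlib.sha256(b"init" + internal_entropy).digest()

    def mix(self, data: bytes) -> None:
        # The new state depends on the old state AND the input, so the
        # input alone never determines it.
        self.state = hashlib.sha256(self.state + data).digest()

    def output(self) -> bytes:
        return hashlib.sha256(b"out" + self.state).digest()


def run(internal_entropy: bytes, audio_blocks):
    """Mix de-duplicated audio into a pool seeded with internal entropy."""
    pool = ToyPool(internal_entropy)
    kept = drop_duplicates(audio_blocks)
    for b in kept:
        pool.mix(b)
    return pool.output(), len(kept)


# Constructed input: every audio block is dictated by an outside party.
FORCED_AUDIO = [b"\x00" * BLOCK, b"\x00" * BLOCK, b"\x7f" * BLOCK, b"\x00" * BLOCK]

if __name__ == "__main__":
    out_a, kept = run(b"kernel-secret-A", FORCED_AUDIO)
    out_b, _ = run(b"kernel-secret-B", FORCED_AUDIO)
    print(kept, out_a.hex()[:16], out_b.hex()[:16], out_a != out_b)
```

In this model the forced audio changes the pool output but cannot determine it without the internal state. Whether such input should be credited as entropy is a separate question the model does not address.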