Integrated crypto

Dagmar d'Surreal dagmar.wants at nospam.com
Mon Mar 29 19:22:27 PST 2004


On Mon, 2004-03-29 at 23:04, Kendrick wrote:
> Robert Connolly wrote:
> 
> >On March 28, 2004 06:36 pm, Dagmar d'Surreal wrote:
> >  
> >
> >The static is used to seed /dev/random. The kernel will still add its internal 
> >entropy. An attack on this using radio signals can influence the random 
> >number generator, but not control it. The code for audio-entropyd will 
> >compare strings gathered from the sound device, and discard duplicate data 
> >(like sound card initialization data). Even under this attack I don't see how 
> >the random pool could be predictable.
> >
> >  
> >
> if that were the case then the rng on the new via systems wouldent work 
> right either unless some one was using some decent powered equipment and 
> brodcasting over all stations i wouldent see it affecting the system to 
> much.  also theres alot of static being produced by the local system  if 
> any thing i thik that would be worse on the random ness then a outside 
> rf would. 

The guys who worry over these issues waste (well... spend) a lot more
time obsessing over these things than I would have ever guessed until I
saw how anal some of these cryptographers are.  They really do seem to
feel (and I'm not inclined to argue with them) that unless something is
a completely flawless implementation of the mathematical concepts behind
an algorithm, then there's cause for concern and room for improvement. 
Random number generation is one of those really wide open spaces where
they can and generally do go nuts, in part because there's no way in
this reality to get perfectly random numbers (like a perfectly round
circle).  In any case, when the author of something says it's useable
for everything except random number generation for cryptographic key
synthesis, I tend to pay attention and take their word on it.  :/
-- 
The email address above is phony because my penis is already large enough, kthx. 
              AIM: evilDagmar  Jabber: evilDagmar at jabber.org




More information about the hlfs-dev mailing list