From owner-freebsd-current  Mon Jul 17 22:37:18 2000
Delivered-To: freebsd-current@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
	by hub.freebsd.org (Postfix) with ESMTP
	id B9DD537BA4D; Mon, 17 Jul 2000 22:37:11 -0700 (PDT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id HAA06767;
	Tue, 18 Jul 2000 07:36:46 +0200 (CEST)
	(envelope-from phk@critter.freebsd.dk)
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
Cc: Alexander Langer <alex@big.endian.de>,
	"Louis A. Mamakos" <louie@TransSys.COM>,
	Mark Murray <mark@grondar.za>,
	"Andrey A. Chernov" <ache@FreeBSD.ORG>, current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak 
In-reply-to: Your message of "Mon, 17 Jul 2000 21:44:12 EDT."
             <3973B66C.D6BD5BFD@vangelderen.org> 
Date: Tue, 18 Jul 2000 07:36:45 +0200
Message-ID: <6765.963898605@critter.freebsd.dk>
From: Poul-Henning Kamp <phk@critter.freebsd.dk>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <3973B66C.D6BD5BFD@vangelderen.org>, "Jeroen C. van Gelderen" writes
:

>> Predicting the clock's offset from reality and the two way path to
>> the server of choice is impossible, plus if people enable authentication
>> later on the packets will be choke full of high-quality entropy.
>
>Please quantify 'impossible'.

People have tried for 30+ years to predict what a quartz xtal
will do next.  Nobody expects any chance of success.  Add to this
the need to predict the difference between one or more NTP servers
and your local qartz xtal and I think we can safely say "impossible".

>I think we first need to figure out the security implications.

I think the security implications of having no entropy are much
worse than having entropy which a truly superhuman *maybe* could
guess *some* of the bits in, are far worse.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message