Date: Tue, 18 Jul 2000 07:36:45 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> Cc: Alexander Langer <alex@big.endian.de>, "Louis A. Mamakos" <louie@TransSys.COM>, Mark Murray <mark@grondar.za>, "Andrey A. Chernov" <ache@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak Message-ID: <6765.963898605@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 17 Jul 2000 21:44:12 EDT." <3973B66C.D6BD5BFD@vangelderen.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <3973B66C.D6BD5BFD@vangelderen.org>, "Jeroen C. van Gelderen" writes : >> Predicting the clock's offset from reality and the two way path to >> the server of choice is impossible, plus if people enable authentication >> later on the packets will be choke full of high-quality entropy. > >Please quantify 'impossible'. People have tried for 30+ years to predict what a quartz xtal will do next. Nobody expects any chance of success. Add to this the need to predict the difference between one or more NTP servers and your local qartz xtal and I think we can safely say "impossible". >I think we first need to figure out the security implications. I think the security implications of having no entropy are much worse than having entropy which a truly superhuman *maybe* could guess *some* of the bits in, are far worse. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6765.963898605>