Date: Sat, 22 Jul 2000 16:27:04 +0200 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Brian Fundakowski Feldman <green@FreeBSD.ORG> Cc: "Louis A. Mamakos" <louie@TransSys.COM>, Kris Kennaway <kris@FreeBSD.ORG>, arch@FreeBSD.ORG Subject: Re: Quantifying entropy Message-ID: <345.964276024@critter.freebsd.dk> In-Reply-To: Your message of "Sat, 22 Jul 2000 10:14:35 EDT." <Pine.BSF.4.21.0007221011110.27690-100000@green.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.21.0007221011110.27690-100000@green.dyndns.org>, Brian F undakowski Feldman writes: >> >> Another source of noise could be via the RF tuner in a video capture >> baord. You could get plenty 'o noise on both the audio output as >> well as the noisy video fields when tuned to an unused channel. > >Remember that this approach is easily subverted. An attacker can >compromise your entropy by detecting what frequency you are tuned to >and attack that frequency with predictable data. A protection to >this would be a good implementation of a spread-spectrum and >spectrum-hopping RF tuner, but then you're relying on its PRNG for >the data, really, and if it were that good you'd want to use it anyway ;) Not to be attacking Brian in particular, but I am getting pretty damn tired of seing any suggestion put forth in this thread getting shot down from black helicopters by Elvis. Yes, of course I could simulate the local quardrant of the galaxy at a quantummechanical level and predict everything, but is it really realistic ? The point here is not about making random bits which cannot possibly be compromised. People who need that know how to get that. This is about making the best *realisticly possible* random numbers for FreeBSD (note the emphasis). I can only applaud and congratulate MarkM on what he has managed to do so far in the face of an infinite army of bikeshed building arm-chair generals. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?345.964276024>