From owner-freebsd-current Wed Jul 19 11:23:25 2000 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 0B0F437B5EE for ; Wed, 19 Jul 2000 11:23:21 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id MAA93266; Wed, 19 Jul 2000 12:23:18 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA83239; Wed, 19 Jul 2000 12:23:18 -0600 (MDT) Message-Id: <200007191823.MAA83239@harmony.village.org> To: Mark Murray Subject: Re: randomdev entropy gathering is really weak Cc: Poul-Henning Kamp , current@FreeBSD.ORG In-reply-to: Your message of "Wed, 19 Jul 2000 20:11:59 +0200." <200007191812.UAA00448@grimreaper.grondar.za> References: <200007191812.UAA00448@grimreaper.grondar.za> <200007191733.LAA82735@harmony.village.org> Date: Wed, 19 Jul 2000 12:23:18 -0600 From: Warner Losh Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200007191812.UAA00448@grimreaper.grondar.za> Mark Murray writes: : The randomness is good, no doubt; I worry about how accessible that : randomness is to an attacker? That's a good thing to worry about. : If the attacker is on your computer (he us a user, say), he might know : a lot about the current frequency of your xtal. He can also get the same : (remote) time offsets as you. What does that give him? Not much, but it : could reduce the bits that he needs to guess. By how much? I don't : know. I don't know the answers to that either. Of course, if the attaker has root access to your machine, then you have bigtime problems with keeping the random bits secret anyway... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message