Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 22 Jul 2000 11:37:58 -0400
From:      "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
To:        Kris Kennaway <kris@FreeBSD.ORG>
Cc:        Mark Murray <mark@grondar.za>, current@FreeBSD.ORG
Subject:   Re: randomdev entropy gathering is really weak
Message-ID:  <3979BFD6.9DFEE454@vangelderen.org>
References:  <Pine.BSF.4.21.0007211849570.68809-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Kris Kennaway wrote:
> 
> On Fri, 21 Jul 2000, Mark Murray wrote:
> 
> > Section 2.1, last paragraph:
> > "If a system is shut down, and restarted, it is desirable to store some
> > high-entropy data (such as the key) in non-volatile memory. This allows
> > the PRNG to be restarted in an unguessable state at the next restart. We
> > call this data the reseed file."
> 
> I'm all for storing a sample at shutdown and using it to help seed the
> PRNG at startup, but it shouldn't be the only seed used (for example, the
> case where the system has never been shut down (cleanly) before and so has
> no pre-existing seed file is a BIG corner case to consider since thats how
> the system is at the time it first generates SSH keys after a fresh
> install).
> 
> It might be only an academic vulnerability, but if someone can read your
> HD during the time the system is shut down then I'd prefer them not to
> know the precise state when the system next starts up again. Yes, if they
> can read they can probably also write, but it seems like a mistake when
> there's nothing really gained by saving the complete state, as opposed to
> an extract.

Well, academic or not (not when you run financial transactioning
systems on FreeBSD) you can edit rc.shutdown to not write out a
seed file. You don't have to use it but it's good that it's there.

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
jeroen@vangelderen.org  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3979BFD6.9DFEE454>