Date: Thu, 26 Oct 2000 02:21:22 -0700
From: Kris Kennaway <kris@citusc.usc.edu>
To: Andrej Cernov <ache@nagual.pp.ru>
Cc: Terry Lambert <tlambert@primenet.com>, Warner Losh <imp@village.org>, current@FreeBSD.ORG, markm@FreeBSD.ORG
Subject: Re: entropy reseeding is totally broken
Message-ID: <20001026022122.C69282@citusc17.usc.edu>
In-Reply-To: <20001025145028.A81143@nagual.pp.ru>; from ache@nagual.pp.ru on Wed, Oct 25, 2000 at 02:50:29PM +0400
References: <200010241816.MAA17356@harmony.village.org> <200010251035.DAA19676@usr02.primenet.com> <20001025145028.A81143@nagual.pp.ru>
On Wed, Oct 25, 2000 at 02:50:29PM +0400, Andrej Cernov wrote:
> It is because /dev/random totally ignores _time_ and does not reseed from it,
> but no other randomness source is available at boot time.

We should probably be using the time since boot as ONE thing we seed with, but it only provides maybe 3-4 bits of randomness - meaning if that's all you seed with then your attacker has to brute-force 3-4 bits of state to break the PRNG state as it was at boot time, hardly a difficult challenge :-)

Kris
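The search cost Kris describes, quantified on a constructed toy generator (an added example, not code from this thread or from FreeBSD's /dev/random): a seed source with 16 possible values carries 4 bits, so at most 16 trials reproduce the generator's first output. The xorshift32 generator, the uptime-to-seed mapping and the 0..15 second window are all assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy xorshift32, constructed for this example; not Yarrow or any
 * code from FreeBSD's /dev/random. */
static uint32_t toy_prng_next(uint32_t *state)
{
    uint32_t x = *state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    *state = x;
    return x;
}
/* Seed from "seconds since boot" alone. Odd multiplier keeps distinct
 * uptimes distinct; +1 avoids the all-zero state xorshift never leaves. */
static uint32_t seed_from_uptime(uint32_t uptime_seconds)
{
    return (uptime_seconds + 1) * 2654435761u;
}
/* floor(log2(n_states)): whole bits of entropy in a source that can
 * take n_states equally likely values. */
static int seed_bits(uint32_t n_states)
{
    int bits = 0;
    while (n_states > 1) { n_states >>= 1; bits++; }
    return bits;
}
/* Defender's check of the search cost: try uptimes in [0, max_uptime]
 * until one reproduces the first output; -1 if none in the window does. */
static int trials_to_recover_seed(uint32_t first_output, uint32_t max_uptime)
{
    for (uint32_t t = 0; t <= max_uptime; t++) {
        uint32_t s = seed_from_uptime(t);
        if (toy_prng_next(&s) == first_output)
            return (int)t + 1;
    }
    return -1;
}
/* Seed at boot_uptime, emit one word, then measure the search cost. */
static int trials_for_uptime(uint32_t boot_uptime, uint32_t max_uptime)
{
    uint32_t s = seed_from_uptime(boot_uptime);
    return trials_to_recover_seed(toy_prng_next(&s), max_uptime);
}
int main(void)
{   /* Constructed: reseeded 11 s after boot, plausible window 0..15 s. */
    printf("uptime gives %d bits; seed found in %d trials\n",
           seed_bits(16), trials_for_uptime(11, 15));
    return 0;
}
```

Every additional independent bit mixed into the seed doubles the trial count, which is why uptime should be one input among several rather than the only one.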