Date: Thu, 26 Oct 2000 14:01:47 +0400
From: Andrey Chernov
To: Kris Kennaway
Cc: Terry Lambert, Warner Losh, current@FreeBSD.ORG, markm@FreeBSD.ORG
Subject: Re: entropy reseeding is totally broken
Message-ID: <20001026140146.B92586@nagual.pp.ru>
In-Reply-To: <20001026022122.C69282@citusc17.usc.edu>
References: <200010241816.MAA17356@harmony.village.org> <200010251035.DAA19676@usr02.primenet.com> <20001025145028.A81143@nagual.pp.ru> <20001026022122.C69282@citusc17.usc.edu>
Organization: Biomechanoid

On Thu, Oct 26, 2000 at 02:21:22AM -0700, Kris Kennaway wrote:
> On Wed, Oct 25, 2000 at 02:50:29PM +0400, Andrej Cernov wrote:
>
> > It is because /dev/random totally ignores _time_ and does not reseed from it,
> > but no other randomness source is available at boot time.
>
> We should probably be using the time since boot as ONE thing we seed
> with, but it only provides maybe 3-4 bits of randomness - meaning if
> that's all you seed with then your attacker has to brute-force 3-4 bits
> of state to break the PRNG state as it was at boot time, hardly a
> difficult challenge :-)

This issue is not about cryptographically strong randomness but about /dev/random seeding not working at all: even the 3-4 bits of time are not used across the boot. Guessing 0 bits is much easier for your attacker than 3-4 bits :-)

-- 
Andrey A. Chernov
http://ache.pp.ru/
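As an added illustration of the point argued above (example code, not from the thread or from FreeBSD's /dev/random): a toy generator seeded from a few bits of boot time, showing that recovering the seed costs at most 2^bits trials, that a constant seed (0 bits) costs one trial, and that the same enumeration fails once real entropy is mixed into the seed. The SHA-256 generator, the seed layout and the tick values are constructed for the demonstration.

```python
import hashlib
from typing import Optional, Tuple

# Toy deterministic generator: the first n bytes of SHA-256(seed material).
# Stands in for any PRNG whose whole output is a function of its seed.
def prng_output(seed_material: bytes, n: int = 16) -> bytes:
    return hashlib.sha256(seed_material).digest()[:n]

# Constructed model of a boot-time seed: a coarse uptime counter (only a few
# bits vary from boot to boot) plus whatever real entropy got mixed in.
def boot_seed(uptime_ticks: int, entropy: bytes = b"") -> bytes:
    return uptime_ticks.to_bytes(4, "big") + entropy

# Recover the seed from one observed output by enumerating every value the
# uptime counter can take when it carries `seed_bits` bits of uncertainty.
# Returns (recovered_ticks or None, number of candidates tried).
def recover_seed(observed: bytes, seed_bits: int) -> Tuple[Optional[int], int]:
    tried = 0
    for ticks in range(1 << seed_bits):
        tried += 1
        if prng_output(boot_seed(ticks)) == observed:
            return ticks, tried
    return None, tried

# Cost of the search as a function of the seed's real entropy.
def search_space(seed_bits: int) -> int:
    return 1 << seed_bits

if __name__ == "__main__":
    # 4 bits of boot time: the seed falls to at most 16 trials.
    out = prng_output(boot_seed(11))
    print("4-bit seed recovered as", recover_seed(out, 4))
    # 0 bits (seed never varies across boots): one trial.
    out = prng_output(boot_seed(0))
    print("0-bit seed recovered as", recover_seed(out, 0))
    # 32 bytes of real entropy mixed in: the 4-bit enumeration finds nothing,
    # and the honest search space is 2**256.
    out = prng_output(boot_seed(11, b"\x01" * 32))
    print("seeded with entropy:", recover_seed(out, 4), search_space(256))
```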