Bugtraq mailing list archives
Re: VNC authentication weakness
From: David Malone <dwmalone () maths tcd ie>
Date: Tue, 30 Jul 2002 11:14:53 +0100
On Mon, Jul 29, 2002 at 06:13:08PM +0000, daw () mozart cs berkeley edu wrote:
On the other hand, the idea of combining many entropy sources using a cryptographic hash is a good one. If this is used for cryptographic purposes, I'd just like to see some more reliably-unpredictable sources in there, if it were me. However, maybe it's good enough for your purposes. I don't know.
I collect online resources on how to generate cryptographic-quality unpredictable pseudorandomness.
The term "cryptographic-quality unpredictable pseudorandomness" is probably much better than the term "entropy" when talking about these issues (I note that you prefer the former). Some relatively recent work has shown that "entropy" in the sense of "Shannon entropy" may not be the idea measure for randomness for many uses. I've listed a few papers which dip into this area below. For example, the statement in the sci.crypt FAQ: We can measure how bad a key distribution is by calculating its entropy. This number E is the number of ``real bits of information'' of the key: a cryptanalyst will typically happen across the key within 2^E guesses. E is defined as the sum of -p_K log_2 p_K, where p_K is the probability of key K. is actually wrong; 2^E may be an arbitrary large underestimate of the expected number of guesses. (Thankfully, for those designing crypto systems based on this assumption.) The moral of the story is that it may pay to think about what you are using your randomness for. David. 1) Guessing and Entropy, Massey, Proc. IEEE Int. Symp. on Info Th., 1994. 2) An Inequality on Guessing and its Application to Sequential Decoding, Arikan, IEEE Trans. on Info. Th., 1996. 3) Two Sided Bounds on Guessing Moments, Dragomir and Boztas, preprint, 1997. 4) The Disparity between Work and Entropy in Cryptology, Pliam, preprint, 1999.
Current thread:
- Re: VNC authentication weakness, (continued)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Mitch Adair (Jul 26)
- Re: VNC authentication weakness Jose Nazario (Jul 26)
- Re: VNC authentication weakness Ariel Waissbein (Jul 27)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)
- Re: VNC authentication weakness Nate Lawson (Jul 29)
- Re: VNC authentication weakness Mike Porter (Jul 30)
- Re: VNC authentication weakness David Malone (Jul 30)