Full Disclosure mailing list archives
Re: how i stopped worrying and loved the backdoor
From: Marsh Ray <marsh () extendedsubset com>
Date: Sun, 26 Dec 2010 13:28:56 -0600
On 12/25/2010 04:47 PM, coderman wrote:
a torrent of raw output is preferable to a smaller stream of whitened, "more random" bits. there are a million kitschy ways to collect entropy like lava lamp cams and Bernoulli effects across your spinning disks.
Yes, and this is why professional cryptographers always leave the room as soon as the topic of entropy collection comes up: it inevitably ends up with a lot of amateurs arguing about the relative merits of diode junctions vs hamster cams. (oh yeah, I went there)

http://www.youtube.com/watch?v=a1Y73sPHKxw

There have been some high-profile breaks because of insufficient entropy, for example Netscape Navigator (Wagner 1996) and Debian OpenSSL (CVE-2008-0166). But those were total boneheaded screwups; I'm not aware of any cases where the implementers did a halfway competent job of estimating entropy input, seeding with at least 128 bits of it before key generation, and the resulting system was broken. Somebody come up with some examples.

So I'm not convinced that "entropy collection is hard". I think it's probably more accurate to say:

* Accurate estimation of collected entropy is hard
* Gathering entropy quickly after power-on in WRT-54G hardware is hard
* Communicating the assumptions of sufficient entropy made by other parts of the system is hard.

This is important to get right because when people hear "entropy collection is hard" they become willing to throw common sense to the wind and adopt cures which are worse than the disease. E.g. OpenBSD substituting RC4 keyed by 64Kbit LFSRs for an established design.

- Marsh

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/