
List:       ietf-tls
Subject:    Re: [TLS] Last Call: draft-hoffman-tls-additional-random-ext (Additional Random
From:       Dean Anderson <dean () av8 ! com>
Date:       2010-04-28 12:58:50
Message-ID: Pine.LNX.4.44.1004280846170.15743-100000 () citation2 ! av8 ! net

The 'entropy pool' of /dev/random in Linux isn't really random. It's
based on keyboard input and possibly other semi-random or entirely
predictable sources.

The 3 criteria are for PRNGs. I don't dispute that /dev/random meets
these criteria; only the assertion that it's better than a PRNG or that
it's truly random.

It fails to be truly random by depending on non-random processes that
could be identified and predicted and/or manipulated by an attacker.  I
suggest you read resources on creating one-time pads. It's very, very
hard to get truly random numbers, and without truly random numbers, your
one-time pad will fail to be 'one-time'.  There is an anecdote (I don't
know if it actually happened) of a one-time pad created by rolling dice
being compromised.

		--Dean


On Tue, 27 Apr 2010, Kemp, David P. wrote:

> I'm not sure why an entropy pool would not be considered "truly random"
> by any of the three criteria you cited.  If there is insufficient
> physically-generated entropy (such as on an appliance with no hard
> drives, no user timing input, and all other sources observable or
> predictable) then the process is not applicable - it cannot create
> entropy by magic.
> 
> But by what criteria would it fail to be truly random (albeit at a much
> lower rate than dedicated hardware) on an uncompromised user desktop?
> 
> Dave
> 
> 
> -----Original Message-----
> From: Dean Anderson [mailto:dean@av8.com] 
> Sent: Tuesday, April 27, 2010 6:25 AM
> To: Kemp, David P.
> Cc: ietf@ietf.org; tls@ietf.org
> Subject: Re: [TLS] Last Call: draft-hoffman-tls-additional-random-ext
> (Additional Random
> 
> > http://en.wikipedia.org/wiki/Hardware_random_number_generator
> 
> The link you cite above is an example of the extra hardware that most
> people don't have.
> 
> > http://en.wikipedia.org/wiki//dev/random
> 
> The link you cite above isn't a truly random number generator.
> 
> 		--Dean
> 
> 
> 

-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 256 5494



