[147950] in cryptography@c2.net mail archive
Re: [Cryptography] What's a Plausible Attack On Random Number
daemon@ATHENA.MIT.EDU (Albert Lunde)
Fri Nov 1 19:01:37 2013
Date: Fri, 01 Nov 2013 17:39:28 -0500
From: Albert Lunde <atlunde@panix.com>
To: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>
In-Reply-To: <692B2B5B-0546-49B6-BDBF-4EF7C13D5956@lrw.com>
As a postscript to this thread, I'd note the existence of these older
open source random number generation projects as an example of prior art:
http://egd.sourceforge.net/
http://prngd.sourceforge.net/
The last revision of the prngd code dates from 2007. So while this is inspired
by some good ideas, it's not being actively developed today.
They were developed to support Unix/Linux systems which didn't have a
/dev/random or /dev/urandom interface (a diminishing audience).
They use the output of various commands to collect entropy, in a
configurable-sized pool.
I've used prngd in a previous context where I was administering a web
server.
A feature is that there is a trivial protocol for requesting random
bytes in clear text over a TCP socket.
I used that protocol to ship some random bytes from the primary web
server via private fiber to the hot spare at another location which had
little traffic.
But our only use of random numbers there was for SSH; neither server
used HTTPS.
--
Albert Lunde albert-lunde@northwestern.edu
atlunde@panix.com (address for personal mail)
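The request/reply protocol mentioned above, as an added example that is not part of the original message or of the egd/prngd projects: a minimal Python client speaking the EGD wire protocol to an in-process stand-in for the daemon, so the exchange can be run offline. The command codes and framing (one-byte command, one-byte counts, big-endian integers) follow the protocol as documented in the EGD README; that is an assumption here, since the message itself does not spell the protocol out. The server side answers from os.urandom and is a constructed stand-in, not prngd's command-fed pool.

```python
import os
import socket
import struct
import threading

# EGD wire protocol command bytes (from the egd/prngd README; assumption: the
# message above does not describe the protocol itself).
CMD_ENTROPY_LEVEL = 0x00  # reply: 4-byte big-endian count of bits available
CMD_READ_NONBLOCK = 0x01  # req: 1-byte count; reply: 1-byte count + that many bytes
CMD_READ_BLOCK = 0x02     # req: 1-byte count; reply: exactly count bytes
CMD_WRITE_ENTROPY = 0x03  # req: 2-byte bits claimed, 1-byte count, bytes; no reply
CMD_GET_PID = 0x04        # reply: 1-byte length + decimal PID string


def recv_exactly(sock, n):
    """Read exactly n bytes; the protocol has no framing beyond the counts."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("EGD peer closed the socket mid-reply")
        buf.extend(chunk)
    return bytes(buf)


def egd_entropy_level(sock):
    sock.sendall(bytes([CMD_ENTROPY_LEVEL]))
    return struct.unpack("!I", recv_exactly(sock, 4))[0]


def egd_read(sock, n, blocking=True):
    """Request n random bytes. The count field is one byte, so larger reads are
    issued as a sequence of <=255-byte requests."""
    out = bytearray()
    while len(out) < n:
        want = min(255, n - len(out))
        if blocking:
            sock.sendall(bytes([CMD_READ_BLOCK, want]))
            out.extend(recv_exactly(sock, want))
        else:
            sock.sendall(bytes([CMD_READ_NONBLOCK, want]))
            got = recv_exactly(sock, 1)[0]
            if got == 0:
                break  # pool reports nothing available; caller decides whether to retry
            out.extend(recv_exactly(sock, got))
    return bytes(out)


def egd_write_entropy(sock, data, bits):
    """Feed bytes into the pool; `bits` is the entropy the *client* claims for them."""
    if not 0 < len(data) <= 255:
        raise ValueError("count field is one byte")
    sock.sendall(bytes([CMD_WRITE_ENTROPY]) + struct.pack("!H", bits)
                 + bytes([len(data)]) + data)


def egd_pid(sock):
    sock.sendall(bytes([CMD_GET_PID]))
    length = recv_exactly(sock, 1)[0]
    return int(recv_exactly(sock, length).decode())


def serve_toy_egd(sock, pool_bits=4096):
    """Constructed stand-in for the daemon: answers the protocol from os.urandom
    and keeps a simple bit counter. Not prngd, and a blocking read here never
    actually blocks."""
    bits = pool_bits
    while True:
        cmd = sock.recv(1)
        if not cmd:
            return  # client hung up
        cmd = cmd[0]
        if cmd == CMD_ENTROPY_LEVEL:
            sock.sendall(struct.pack("!I", bits))
        elif cmd in (CMD_READ_NONBLOCK, CMD_READ_BLOCK):
            want = recv_exactly(sock, 1)[0]
            if cmd == CMD_READ_NONBLOCK:
                give = min(want, bits // 8)
                sock.sendall(bytes([give]) + os.urandom(give))
            else:
                give = want
                sock.sendall(os.urandom(give))
            bits = max(0, bits - 8 * give)
        elif cmd == CMD_WRITE_ENTROPY:
            claimed, count = struct.unpack("!HB", recv_exactly(sock, 3))
            recv_exactly(sock, count)  # data is discarded by this toy
            bits += claimed  # the daemon has to take the client's word for it
        elif cmd == CMD_GET_PID:
            pid = str(os.getpid()).encode()
            sock.sendall(bytes([len(pid)]) + pid)
        else:
            return  # unknown command: drop the connection


def demo():
    """Run one client/daemon exchange over a socketpair and report the results."""
    client, server = socket.socketpair()
    t = threading.Thread(target=serve_toy_egd, args=(server,), daemon=True)
    t.start()
    try:
        before = egd_entropy_level(client)            # 4096
        km = egd_read(client, 300)                    # > 255, exercises chunking
        egd_write_entropy(client, b"\x00" * 16, bits=128)
        nb = egd_read(client, 64, blocking=False)
        after = egd_entropy_level(client)             # 4096 - 2400 + 128 - 512
        pid = egd_pid(client)
        return {"before": before, "after": after, "blocking": km,
                "nonblocking": nb, "pid": pid}
    finally:
        client.close()
        t.join(timeout=1)
        server.close()
```

Everything on the wire is plain bytes with no authentication: whoever can reach the socket can drain the pool, read the bytes, or push data with any entropy claim they like, which is why the message above relies on a private link for the transfer.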
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography