[147973] in cryptography@c2.net mail archive

Re: [Cryptography] What's a Plausible Attack On Random Number

daemon@ATHENA.MIT.EDU (Kent Borg)
Sun Nov 3 18:09:16 2013

X-Original-To: cryptography@metzdowd.com
Date: Sun, 03 Nov 2013 10:22:24 -0500
From: Kent Borg <kentborg@borg.org>
To: Jerry Leichter <leichter@lrw.com>, Yaron Sheffer <yaronf.ietf@gmail.com>
In-Reply-To: <7FF08172-19D5-4EFB-AD43-23C10EFD3415@lrw.com>
Cc: "cryptography@metzdowd.com List" <cryptography@metzdowd.com>,
	John Gilmore <gnu@toad.com>, David Mercer <radix42@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On 11/01/2013 10:21 AM, Jerry Leichter wrote:
> On Nov 1, 2013, at 7:04 AM, Yaron Sheffer <yaronf.ietf@gmail.com> wrote:
>> It sounds like a quick addition to DHCP - an extension that gets you 256 bits from the server, would solve 99% of the problem we have with embedded devices. It will not be sufficient for high-security environments, because an attacker might be listening on the local LAN....
> Ahem.  This is *exactly* the kind of reasoning I started this thread to investigate.  (Though I certainly agree that a *single* DHCP packet containing a random bit string is easily attacked.)

I kind of like the idea of RNGs sharing data; if one is following the 
"more sources is safer" approach, it seems it can't hurt. (Subliminal 
channel?? Other system consequences?)

But there is an irony here: aren't most of the DHCP servers out there 
little embedded NAT boxes running in homes? RNGs at risk for not having 
much entropy shortly after boot...

Just make sure you don't put all your eggs in any one entropy source...

-kb, the Kent who used to collect entropy samples from Linux machines he 
encountered, but who eventually lost interest, as he wasn't actually 
doing anything with this data, just hoarding it.

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
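
The "more sources is safer" point in the message above, as an added example that is not part of the original post or any real RNG's code: a hash-based pool in which a network-supplied seed is folded in alongside local samples instead of replacing them. The `dhcp-seed` source stands in for the hypothetical 256-bit DHCP extension proposed in the quoted text; the class, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct


class EntropyPool:
    """Hash-based pool: every source is folded in, none replaces another."""

    def __init__(self):
        self._state = bytes(32)
        self._counter = 0

    def mix(self, source: str, sample: bytes) -> None:
        # Length-prefix label and sample so ("ab", b"c") != ("a", b"bc").
        label = source.encode()
        msg = (struct.pack(">I", len(label)) + label
               + struct.pack(">I", len(sample)) + sample)
        self._state = hmac.new(self._state, msg, hashlib.sha256).digest()

    def read(self, n: int = 32) -> bytes:
        out = b""
        while len(out) < n:
            self._counter += 1
            block = struct.pack(">Q", self._counter)
            out += hmac.new(self._state, b"out" + block, hashlib.sha256).digest()
        # Ratchet the state so earlier output cannot be recomputed from it.
        self._state = hmac.new(self._state, b"ratchet", hashlib.sha256).digest()
        return out[:n]


def boot_seed(local_samples: dict, dhcp_seed: bytes) -> bytes:
    """Seed derived at boot from all local samples plus the network seed."""
    pool = EntropyPool()
    for name, sample in sorted(local_samples.items()):
        pool.mix(name, sample)
    pool.mix("dhcp-seed", dhcp_seed)  # hypothetical 256-bit DHCP extension
    return pool.read(32)


# Constructed sample data: a freshly booted device with predictable local state.
WEAK_LOCAL = {"mac": bytes.fromhex("020000000001"), "uptime-jitter": b"\x00\x03"}
SNIFFED_DHCP = bytes(range(32))  # seed that a listener on the LAN also saw
```

With only the predictable local samples, anyone who saw the DHCP seed can recompute `boot_seed`; one unpredictable local sample is enough to break that, and a fresh DHCP seed still separates two otherwise identical boots.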
