[148070] in cryptography@c2.net mail archive
Re: [Cryptography] randomness +- entropy
daemon@ATHENA.MIT.EDU (Bill Frantz)
Thu Nov 7 13:41:01 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 7 Nov 2013 07:15:28 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <96CE28AA-8C5A-4FF4-B9A5-4419B20E1B4B@lrw.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 11/6/13 at 8:16 PM, leichter@lrw.com (Jerry Leichter) wrote:
>In fact, though, I can think of one simple example: A CD Linux
>image used precisely to conduct operations we want to keep
>secure. For example, there's a suggestion that small
>businesses use exactly such a thing to do their on-line
>banking, as their usual systems are way too vulnerable to
>various kinds of malware (and small businesses have been
>subject to attacks that bankrupted them). The CD itself can't
>carry a seed, as it will be re-used repeatedly. It has to come
>up quickly, and on pretty much any hardware, to be useful. You
>could probably get something like Turbid in there - but there
>are plenty of CD's around already that have little if anything.
In this case there is an active UI with an attached keyboard and
mouse. It is probably a really major change to Linux boot, but
use any excuse to get user to move the mouse and you have plenty
of "randomness" to seed the RNG.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Privacy is dead, get over | Periwinkle
(408)356-8506 | it. | 16345
Englewood Ave
www.pwpconsult.com | - Scott McNealy | Los Gatos,
CA 95032
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
