[21511] in cryptography@c2.net mail archive


Re: Linux RNG paper

daemon@ATHENA.MIT.EDU (Victor Duchovni)
Wed Mar 22 21:45:29 2006

X-Original-To: cryptography@metzdowd.com
Date: Wed, 22 Mar 2006 21:04:54 -0500
From: Victor Duchovni <Victor.Duchovni@MorganStanley.com>
To: cryptography@metzdowd.com
Reply-To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <r02010500-1039-A073AC2CB9F311DAA6940030658F0F64@[192.168.1.5]>

On Wed, Mar 22, 2006 at 02:31:37PM -0800, Bill Frantz wrote:

> One of my pet peeves: The idea that the "user" is the proper atom of
> protection in an OS.
> 
> My threat model includes different programs run by one (human) user.  If
> a Trojan, running as part of my userID, can learn something about the
> random numbers harvested by my browser/gpg/ssh etc., then it can start
> to attack the keys used by those applications, even if the OS does a
> good job of keeping the memory spaces separate and protected.
> 

Why would a trojan running in your security context bother with attacking
a PRNG? It can just read your files, record your keystrokes, change your
browser proxy settings, ...

If the trojan is a sand-box of some sort, the sand-box is a different
security context, and in that case, perhaps a different RNG view is
justified.

Some applications that consume a steady stream of RNG data maintain
their own random pool and use the public pool to periodically mix in
some fresh state. These are less vulnerable to snooping/exhaustion of
the public stream.

The Postfix tlsmgr(8) process proxies randomness for the rest of the
system in this fashion...

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
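The application-local pool described in the message above (a private pool that is periodically re-keyed with fresh state from the public pool, and that keeps running when the public pool is slow or empty), as an added example in Python. This is not Victor's code and not Postfix's tlsmgr(8); the LocalPool class, the FakePublicPool stand-in for /dev/urandom, the seeds and the reseed threshold are all assumptions made for illustration, and the construction is a simplified keyed-hash DRBG, not a NIST SP 800-90A implementation.

```python
"""Application-local random pool re-keyed from the public system pool.
Added example, not Postfix code; simplified keyed-hash DRBG for illustration."""
import hashlib
import hmac
import os
import struct


class LocalPool:
    """Per-process pool. Output blocks are keyed hashes of a counter, and the
    key is ratcheted after every request, so neither the public feed nor a
    later snapshot of the pool reveals earlier output."""

    def __init__(self, initial_seed, public_source=os.urandom, reseed_after=4096):
        # 32-byte internal key derived from caller-supplied seed material (assumed secret).
        self.key = hashlib.sha256(b"pool-init" + initial_seed).digest()
        self.public_source = public_source  # callable(n) -> bytes; b"" means "nothing available"
        self.reseed_after = reseed_after    # output bytes between reseed attempts (assumed threshold)
        self.since_reseed = 0
        self.reseeds = 0
        self.counter = 0

    def _ratchet(self, label, data=b""):
        # One-way key update; domain-separated by label.
        self.key = hmac.new(self.key, label + data, hashlib.sha256).digest()

    def reseed(self):
        """Mix fresh public-pool state into the key. Never blocks: an empty
        read leaves the pool running on its existing state and retries later."""
        fresh = self.public_source(32)
        if not fresh:
            return False
        self._ratchet(b"reseed", fresh)
        self.reseeds += 1
        self.since_reseed = 0
        return True

    def random_bytes(self, n):
        if self.since_reseed >= self.reseed_after:
            self.reseed()
        out = bytearray()
        while len(out) < n:
            out += hmac.new(self.key, b"out" + struct.pack(">Q", self.counter),
                            hashlib.sha256).digest()
            self.counter += 1
        self._ratchet(b"ratchet")  # forward secrecy for the bytes just emitted
        self.since_reseed += n
        return bytes(out[:n])


class FakePublicPool:
    """Constructed, deterministic stand-in for /dev/urandom so the example is
    reproducible; it also logs everything it hands out, which is exactly the
    view a snooping process in the same security context would have."""

    def __init__(self, tag):
        self.tag, self.i, self.log = tag, 0, []

    def read(self, n):
        out = bytearray()
        while len(out) < n:
            out += hashlib.sha256(self.tag + struct.pack(">Q", self.i)).digest()
            self.i += 1
        chunk = bytes(out[:n])
        self.log.append(chunk)
        return chunk


def snooping_demo(reseed_after=64, calls=10, chunk=16):
    """Application draws from its pool; an observer replays the complete
    public feed it saw into a fresh pool without the private seed."""
    public = FakePublicPool(b"constructed-public-pool")
    app = LocalPool(b"app-private-seed", public.read, reseed_after)
    app_out = b"".join(app.random_bytes(chunk) for _ in range(calls))
    feed = iter(public.log)
    observer = LocalPool(b"", lambda n: next(feed, b""), reseed_after)
    observer_out = b"".join(observer.random_bytes(chunk) for _ in range(calls))
    return app_out, observer_out, app.reseeds, len(public.log)


if __name__ == "__main__":
    a, o, r, seen = snooping_demo()
    print(f"reseeds={r} public_chunks_seen={seen} observer_matches={a == o}")
```

The reseed is deliberately non-blocking: with the threshold exceeded and the public source returning nothing, the pool keeps serving requests from its ratcheted state and simply tries again on the next request, which is what makes the application insensitive to exhaustion of the public stream. Using the default `os.urandom` source gives a real pool; the fake source exists only so the behaviour can be reproduced exactly.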
