[4075] in cryptography@c2.net mail archive

Re: Intel announcements at RSA '99

daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed Jan 27 12:57:47 1999

In-Reply-To: <19990127081854.04713@slack.lne.com>
Date: Wed, 27 Jan 1999 09:41:42 -0700
To: Eric Murray <ericm@lne.com>, Colin Plumb <colin@nyx.net>
From: Bill Frantz <frantz@netcom.com>
Cc: smb@research.att.com, ben@algroup.co.uk, cryptography@c2.net,
        geer@world.std.com, honig@sprynet.com, jamesd@echeque.com

At 9:18 AM -0700 1/27/99, Eric Murray wrote:
>You need to have a large enough pool of random seed material at some
>point very soon after startup, in case the user boots and immediately
>runs a transaction or some other process which needs random numbers.
>So it would need to have a higher rate just to cover immediate
>use after boot.  In a system with a disk you can keep a random pool
>around between boots, reducing the first-time problem to the first
>boot-up.  But that's not an option in embedded or diskless situations.

One problem we faced at Electric Communities was, the user installs the
product and immediately wants to generate an identity (public/private key
pair).  We actually had to hold the user while we waited for entropy (160
bits).

The server problem includes the difficulty of finding events that can't, in
theory, be observed from the outside.  Servers may be able to wait 160
seconds until they are ready to run, but it sure would be nice if they also
could "come right up".


-------------------------------------------------------------------------
Bill Frantz       | Macintosh: Didn't do every-| Periwinkle -- Consulting
(408)356-8506     | thing right, but did know  | 16345 Englewood Ave.
frantz@netcom.com | the century would end.     | Los Gatos, CA 95032, USA
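
An added example, not part of the original message: a sketch of the pool carried across boots that the quoted text describes, with the hold-until-160-bits gate from the reply. The class, function and label names are hypothetical, and the entropy credits are caller estimates, with the saved seed credited only on the assumption that the file stayed secret.

```python
import hashlib, os, time

NEEDED_BITS = 160  # threshold quoted in the message

class Pool:
    """Hash accumulator; entropy credit is the caller's estimate (assumption)."""
    def __init__(self):
        self.state, self.bits = b"\x00" * 32, 0

    def mix(self, data, est_bits):
        self.state = hashlib.sha256(self.state + data).digest()
        self.bits = min(256, self.bits + est_bits)

    def ready(self):
        return self.bits >= NEEDED_BITS

    def output(self, label):
        if not self.ready():
            raise RuntimeError("pool below threshold; hold the caller")
        out = hashlib.sha256(b"out" + label + self.state).digest()
        self.state = hashlib.sha256(b"next" + self.state).digest()  # ratchet forward
        return out

def save_seed(pool, path):
    """Atomically write a fresh seed, readable by the owner only."""
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(pool.output(b"seed-file"))
        f.flush()
        os.fsync(f.fileno())
    os.replace(tmp, path)

def boot(path):
    """Build the pool at startup, carrying over a saved seed if one exists."""
    pool = Pool()
    pool.mix(str(time.time_ns()).encode(), 0)  # observable from outside: no credit
    try:
        with open(path, "rb") as f:
            seed = f.read()
    except FileNotFoundError:
        return pool  # first boot, embedded or diskless: must gather events
    if len(seed) == 32:
        pool.mix(seed, NEEDED_BITS)  # assumes the file stayed secret
        save_seed(pool, path)  # refresh now so a crash never replays this seed
    return pool
```

On a first boot `boot()` returns a pool that is not ready, so key generation has to wait; after one `save_seed()`, every later boot is ready immediately and leaves a different seed on disk.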