From owner-freebsd-current Tue Jul 18 9: 6: 0 2000
Delivered-To: freebsd-current@freebsd.org
Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131])
        by hub.freebsd.org (Postfix) with ESMTP id E383037BE92
        for ; Tue, 18 Jul 2000 09:05:57 -0700 (PDT)
        (envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
        by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id SAA10398;
        Tue, 18 Jul 2000 18:05:43 +0200 (CEST)
        (envelope-from phk@critter.freebsd.dk)
To: Alexander Leidinger
Cc: mark@grondar.za, current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
In-reply-to: Your message of "Tue, 18 Jul 2000 18:01:00 +0200." <200007181601.SAA02045@Magelan.Leidinger.net>
Date: Tue, 18 Jul 2000 18:05:43 +0200
Message-ID: <10396.963936343@critter.freebsd.dk>
From: Poul-Henning Kamp
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <200007181601.SAA02045@Magelan.Leidinger.net>, Alexander Leidinger writes:
>On 18 Jul, Mark Murray wrote:
>
>[using NTP to gather entropy]
>> You forget; a snooper watching your (ether)net has access to nearly
>> all of this information.
>
>I've only seen messages about getting ntp information over a network (so
>far), and I'm not familiar with crypto/entropy gathering/ntp, so forgive
>me if I ask a stupid question, but does everyone also think about those
>systems which have a more or less precise clock attached (e.g. GPS or
>atomic clocks which sync the system clock via ntpd)?

The reason why ntp is interesting is that we compare the received data
with our unpredictable local clock. It is the result of this comparison
which is good entropy bits.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.