Message-Id: <200007192141.XAA01113@grimreaper.grondar.za>
To: Warner Losh
Cc: current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
In-Reply-To: <200007191823.MAA83239@harmony.village.org>
Date: Wed, 19 Jul 2000 23:41:24 +0200
From: Mark Murray

> : If the attacker is on your computer (he is a user, say), he might know
> : a lot about the current frequency of your xtal. He can also get the same
> : (remote) time offsets as you. What does that give him? Not much, but it
> : could reduce the bits that he needs to guess. By how much? I don't
> : know.
>
> I don't know the answers to that either.
>
> Of course, if the attacker has root access to your machine, then you
> have bigtime problems with keeping the random bits secret anyway...

My scenario assumed that the attacker/user was not root. Of course if
he is root, he knows a bit more, but even a non-root attacker can make
a statistical study of the local clock and some hand-rolled ntp code.

(I'm not suggesting it is easy, just possible :-) )

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org