Date: Fri, 21 Jul 2000 12:51:48 -0400
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
To: Mark Murray <mark@grondar.za>
Cc: Kris Kennaway <kris@FreeBSD.ORG>, current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
Message-ID: <39787FA4.A79BAE0B@vangelderen.org>
References: <Pine.BSF.4.21.0007210345170.13729-100000@freefall.freebsd.org> <200007211253.OAA00377@grimreaper.grondar.za>
Mark Murray wrote:
>
> > > What about saving the state of the RNG and re-reading it on bootup? That
> > > will allow Yarrow to continue right where it left off. :-)
> >
> > That's a bad thing. You don't want someone to be able to examine the exact
> > PRNG state at next boot by looking at your hard disk after the machine has
> > shut down.
>
> It is a Yarrow-mandated procedure. Please read the Yarrow paper.

Actually, it's not. You do not want to save the exact PRNG state to disk,
ever. It's not a Yarrow-mandated procedure but a big security hole.

That said, you do not write out the state of the PRNG, you write out a
couple of blocks of output from which the state cannot be derived. That
*is* okay and that's what you are doing. And just for completeness: it's
not mandatory to do so. I don't know where you read that in the paper.

> If they can do that, they have either the console (==root) or they have
> root. Either way, who cares what they know about your machine, they have
> the whole darn thing :-O.

Someone may well compromise your randomness source without you noticing.
And read your PGP mail for the coming couple of years because your PGP
key was compromised without you noticing. Perfect Trojan horse to write
for the FBI, IRS, anyone who doesn't like you. Oops.

Cheers,
Jeroen

--
Jeroen C. van Gelderen                          jeroen@vangelderen.org
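The distinction Jeroen draws above, a seed file that holds generator output versus one that holds the generator's state, as an added Python example. It is not part of this thread and not FreeBSD's or Yarrow's own code: ToyGenerator (a counter-mode SHA-256 generator), its reseed, the "generator gate" rekey after writing the file, and the boot procedure that feeds the file back in as one entropy input and overwrites it immediately are all simplified stand-ins assumed here for illustration, and the entropy is constructed with os.urandom.

```python
"""Added example: a seed file that holds PRNG *output* versus one that holds
PRNG *state*. ToyGenerator is an assumed stand-in for a real generator, not
Yarrow's or FreeBSD's code."""
import hashlib
import os

BLOCK_SIZE = 32  # one SHA-256 digest per output block


class ToyGenerator:
    """Counter-mode hash generator. State = (key, counter);
    block = SHA256(key || counter). Knowing the state reproduces the stream."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.counter = 0

    def next_block(self) -> bytes:
        block = hashlib.sha256(self.key + self.counter.to_bytes(8, "big")).digest()
        self.counter += 1
        return block

    def reseed(self, *inputs: bytes) -> None:
        """Fold inputs into the key. The old key cannot be recovered from the new one."""
        h = hashlib.sha256(b"reseed:" + self.key)
        for data in inputs:
            h.update(data)
        self.key = h.digest()
        self.counter = 0


# --- the hole: the exact state lands on disk -------------------------------

def save_state_verbatim(gen: ToyGenerator) -> bytes:
    """'Saving the state' literally: key and counter as they are."""
    return gen.key + gen.counter.to_bytes(8, "big")


def replay_from_state_file(state_file: bytes, n: int) -> list:
    """Whoever reads the disk rebuilds the generator and gets the same blocks
    the machine will hand out next (keys, nonces, session ids ...)."""
    clone = ToyGenerator(state_file[:BLOCK_SIZE])
    clone.counter = int.from_bytes(state_file[BLOCK_SIZE:], "big")
    return [clone.next_block() for _ in range(n)]


# --- the seed file: a couple of output blocks, then move on ----------------

def write_seed_file(gen: ToyGenerator) -> bytes:
    """Emit two output blocks for the file, then rekey, so that neither the
    key that produced them nor the key now in use can be derived from the file."""
    seed = gen.next_block() + gen.next_block()
    gen.reseed(b"generator gate")  # forget the key that produced those blocks
    return seed


def boot(seed_file: bytes, fresh_entropy: bytes) -> tuple:
    """Startup: the seed file is one entropy input among others, and it is
    replaced right away so the on-disk copy never matches the live state
    (assumed procedure; adapt to the real reseed path)."""
    gen = ToyGenerator(b"\x00" * BLOCK_SIZE)
    gen.reseed(seed_file, fresh_entropy)
    return gen, write_seed_file(gen)


def demo() -> dict:
    """Run both designs against constructed entropy and report what leaks."""
    machine = ToyGenerator(os.urandom(BLOCK_SIZE))

    # 1. State on disk: the predicted stream equals the real one, block for block.
    state_file = save_state_verbatim(machine)
    predicted = replay_from_state_file(state_file, 3)
    actual = [machine.next_block() for _ in range(3)]

    # 2. Output on disk: the file matches neither the key that produced it
    #    nor the key the machine holds after writing it.
    key_before = machine.key
    seed_file = write_seed_file(machine)
    key_after = machine.key
    blocks = (seed_file[:BLOCK_SIZE], seed_file[BLOCK_SIZE:])

    booted, rotated_seed_file = boot(seed_file, os.urandom(BLOCK_SIZE))
    return {
        "state_file_leaks_stream": predicted == actual,
        "seed_file_reveals_no_key": key_before not in blocks and key_after not in blocks,
        "seed_file_rotated_on_boot": rotated_seed_file != seed_file,
        "boot_output_not_in_file": booted.next_block() not in blocks,
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The first check is the hole Kris describes: with the state file in hand, the clone's blocks are the machine's next blocks. The remaining checks show the seed-file variant: the two blocks on disk are hash output, the key that made them is discarded by the gate before the file is ever read, and at boot the file is mixed with fresh entropy and rewritten, so a copy of the disk is neither the old state nor the new one.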