From: Mike Touloumtzis <miket@bluemug.com>
To: Robert Love <rml@tech9.net>
Cc: Oliver Xymoron <oxymoron@waste.org>,
linux-kernel@vger.kernel.org, riel@conectiva.com.br
Subject: Re: [PATCH] let Net Devices feed Entropy, updated (1/2)
Date: Tue, 21 Aug 2001 23:10:02 -0700
Message-ID: <20010821231002.C27313@bluemug.com>
In-Reply-To: <Pine.LNX.4.30.0108182234250.31188-100000@waste.org> <998193404.653.12.camel@phantasy>
In-Reply-To: <998193404.653.12.camel@phantasy>

On Sat, Aug 18, 2001 at 11:56:41PM -0400, Robert Love wrote:
>
> Again, /dev/urandom is just as "secure" as /dev/random. It's the same
> pool. The same stuff. Except that /dev/random blocks when the entropy
> count hits 0.

You have been repeating that there is no difference in security
between /dev/random and /dev/urandom, but consider this: you install
a kernel/hardware combination without any registered SA_SAMPLE_RANDOM
IRQs (i.e. headless, no IDE, no NICs with SA_SAMPLE_RANDOM IRQs).
This configuration is not hard to imagine for, say, a dedicated
server appliance or embedded device.

The entropy pool for such a system starts at 0s, unless I'm
misreading the source; from create_entropy_store():

	memset(r->pool, 0, poolwords*4);

As long as no interrupt ever adds randomness to this pool, I might be
able to predict every bit ever read from /dev/random on this machine.
I don't need to break SHA-1, I just run the algorithm forward from
its starting point. I guess I would probably have to know the size
of each read, so in practice an active network (TCP initial sequence
numbers) in combination with other reads would make my job harder.
But it's still a scary scenario. And it comes from the fact that
although /dev/urandom is a strong PRNG, it is still deterministic,
and if I know its complete state at any point and can simulate
subsequent events, I can predict its behavior.

/dev/random is very good for making sure you never generate a GPG
key on a machine like this. I agree with most people on this thread
that session keys are usually safe coming from /dev/urandom. But you
should still make sure you have at least one device feeding into
the entropy pool, something I'm sure many admins have no clue about
and don't verify.

miket
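
Added example, not part of the original message and not kernel code: a toy C model of the argument above, in which a pool zeroed as in the quoted memset() and never fed a sample produces output that a second, independent simulation reproduces exactly, while a single mixed-in sample breaks the match. FNV-1a stands in for SHA-1, and the names toy_pool, toy_add_sample, toy_extract and predicted_outputs, the pool size and the sample value are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POOLWORDS 32   /* constructed pool size for this toy model */

struct toy_pool { uint32_t pool[POOLWORDS]; unsigned pos; };

/* Mirrors the memset() quoted from create_entropy_store(): all-zero start. */
static void toy_init(struct toy_pool *r) {
    memset(r->pool, 0, POOLWORDS * 4);
    r->pos = 0;
}

/* Stand-in for an interrupt timing sample being mixed into the pool. */
static void toy_add_sample(struct toy_pool *r, uint32_t sample) {
    r->pool[r->pos] ^= sample;
    r->pos = (r->pos + 1) % POOLWORDS;
}

/* FNV-1a over the pool stands in for SHA-1 (assumption of this example).
 * The output is folded back in, so the state advances on every read. */
static uint64_t toy_extract(struct toy_pool *r) {
    const unsigned char *p = (const unsigned char *)r->pool;
    uint64_t h = 14695981039346656037ULL;
    for (size_t i = 0; i < sizeof r->pool; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    toy_add_sample(r, (uint32_t)h);
    toy_add_sample(r, (uint32_t)(h >> 32));
    return h;
}

/* How many of n device outputs does a from-zero simulation reproduce? */
static int predicted_outputs(int n, int device_gets_sample) {
    struct toy_pool device, observer;
    int hits = 0;
    toy_init(&device);
    toy_init(&observer);
    if (device_gets_sample)
        toy_add_sample(&device, 0x5e000000u);  /* constructed timing value */
    for (int i = 0; i < n; i++)
        hits += toy_extract(&device) == toy_extract(&observer);
    return hits;
}

int main(void) {
    printf("no samples: %d/8 predicted\n", predicted_outputs(8, 0));
    printf("one sample: %d/8 predicted\n", predicted_outputs(8, 1));
    return 0;
}
```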