From: Martin Dalecki <dalecki@evision-ventures.com>
To: Richard Gooch <rgooch@ras.ucalgary.ca>
Cc: Theodore Tso <tytso@mit.edu>,
Alex Bligh - linux-kernel <linux-kernel@alex.org.uk>,
Johan Adolfsson <johan.adolfsson@axis.com>,
Robert Love <rml@tech9.net>, Oliver Xymoron <oxymoron@waste.org>,
linux-kernel@vger.kernel.org, riel@conectiva.com.br
Subject: Re: [PATCH] let Net Devices feed Entropy, updated (1/2)
Date: Tue, 21 Aug 2001 11:43:10 +0200
Message-ID: <3B822D2E.69D4380A@evision-ventures.com>
In-Reply-To: <3B80EADC.234B39F0@evision-ventures.com> <2248596630.998319423@[10.132.112.53]> <3B811DD6.9648BE0E@evision-ventures.com> <20010820211107.A20957@thunk.org> <200108210136.f7L1aa008756@vindaloo.ras.ucalgary.ca>
Richard Gooch wrote:
>
> Theodore Tso writes:
> > On Mon, Aug 20, 2001 at 04:25:26PM +0200, Martin Dalecki wrote:
> > >
> > > The primary reason for the invention of /dev/random was the need
> > > for a bit of salt to the initial packet sequence number inside
> > > the networking code in linux. And for this purpose the
> > > whole /dev/*random stuff is INDEED a gratuitous overdesign.
> > > For anything else crypto related it just doesn't cut the corner.
> >
> > A number of other people helped me with the design and development of
> > the /dev/random driver, including one of the primary authors of the
> > random number generation routines in PGP 2.x and 5.0. Most folks feel
> > that it does a good job.
>
> Indeed. If Martin has some deep insight as to why the /dev/random
> implementation is insufficient for strong crypto, I'd like to hear
> it.

I don't think that it's insufficient. In fact I think that it just
doesn't have to be done all inside the kernel. And I oppose further
extending the places where the event gathering code goes in between.

BTW: There is one strong flaw in the reasoning behind this whole entropy
stuff.

Iff you trust the cryptographic algorithm for the one-way function you
are using then if you initialize it once - there will be only one chance
for an attacker to tamper with the values. The possibility for tampering
with it will have a certain value, which remains CONSTANT over the time.
You could call it: breaking risk as well.

If you continuously reinitialize your one-way function, the
probabilities to tamper with them will ADD (of course not in pure
arithmetic terms). An attacker simply gets multiple chances. And
therefore the overall probability of tampering with the values delivered
to the user by this device WILL INCREASE.

Multiple initializations help only against cryptographic attacks - but
THEY HURT overall security of the system, because they "open it up".

So this is indeed a serious FLAW inside the logic behind the
implementation of this device.