From: Mark Borgerding <mark@borgerding.net>
To: "Stephen D. Williams" <sdw@lig.net>
Cc: linux-kernel@vger.kernel.org
Subject: Re: High Quality Random sources, was: Re: SecuriKey
Date: Sun, 11 Jan 2004 23:16:01 -0500 [thread overview]
Message-ID: <40021F81.9090602@borgerding.net> (raw)
In-Reply-To: <4001ECBE.1020009@lig.net>
Disregarding the debates of true vs. pseudo randomness, ( an argument
best left to cypherpunks, philosophers, and quantum physicists ) -- let
me repeat the question the original poster asked ...
Does anyone have any info about securikey? The "white papers" on their
website are nothing but fluff.
It smells like snake oil to me -- probably just a thumbdrive with an
authentication driver.
Unless it actually encrypts the hard disk, it can't provide much security.
The system can most likely still be booted from a floppy or cdrom.
-
Mark Borgerding
Stephen D. Williams wrote:
> Impossible? I think not. Some "mechanical" devices do exhibit true
> random capability, especially when enhanced by algorithmic means.
> To wit: http://www.lavarand.org/
>
> Let me know if you can prove their methods don't provide a true "high
> quality" random source.
>
> I'd like to see their code as a module with an automatic test to make
> sure that the random source is high quality. In this case, that would
> mean making sure that the cap was not off the camera.
>
> sdw
>
> tabris wrote:
>
>> ...
>> I should also mention that the problem with 'generating' an OTP
>> via any mechanical or algorithmic means is impossible as at best an
>> OTP will only be pseudo-random, and therefore with identical inputs
>> (assuming it is possible, which we can assume here for the sake of
>> theory and security), the same OTP can be generated, thus breaking
>> our assumption/necessity of non-deterministic output.
>>
>> I'd say more but I'm on my way to work.
>> - --
>> tabris
>> - -
>> I do not know whether I was then a man dreaming I was a butterfly, or
>> whether I am now a butterfly dreaming I am a man.
>> -- Chuang-tzu
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.2.3 (GNU/Linux)
>>
>> iD8DBQFAAagR1U5ZaPMbKQcRAmo2AJ0Wc6xTLCd/swZYlEO6emktLhOtRgCfUUP5
>> OB4YFi6bh1yrVMzGIoN6XNs=
>> =O/uT
>> -----END PGP SIGNATURE-----
>>
>> -
>> To unsubscribe from this list: send the line "unsubscribe
>> linux-kernel" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>> Please read the FAQ at http://www.tux.org/lkml/
>>
>>
>
>
next prev parent reply other threads:[~2004-01-12 4:16 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-01-11 15:44 SecuriKey Hunt, Adam
2004-01-11 19:46 ` SecuriKey tabris
2004-01-12 0:39 ` High Quality Random sources, was: SecuriKey Stephen D. Williams
2004-01-12 3:38 ` tabris
2004-01-12 3:47 ` tabris
2004-01-12 4:10 ` Stephen D. Williams
2004-01-12 5:57 ` Valdis.Kletnieks
2004-01-12 6:19 ` Stephen D. Williams
2004-01-12 4:16 ` Mark Borgerding [this message]
2004-01-12 20:37 ` SecuriKey David Schwartz
2004-01-12 21:27 ` SecuriKey Richard B. Johnson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40021F81.9090602@borgerding.net \
--to=mark@borgerding.net \
--cc=linux-kernel@vger.kernel.org \
--cc=sdw@lig.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox