Re: monitoring entropy

Raul Miller (rdm@test.legislate.com)
Tue, 14 Oct 1997 17:50:43 -0401


> > Ingo Molnar <mingo@pc7537.hil.siemens.at> wrote:
> > > user-space needs entropy only for things like PGP key generation or SSH
> > > key generation, so these restrictions do not look to be a problem,
> > > and IMO they defeat all user-space pool-draining attacks.

On Tue, 14 Oct 1997, Raul Miller wrote:
> > Counterexample: ftp://koobera.math.uic.edu/pub/software/sigs-0.50.tar.gz
> > uses a lot of entropy for secret key generation.

Ingo Molnar <mingo@pc7537.hil.siemens.at> wrote:
> But it's not at all secret anymore if you drain the pool? I think 'lossy'
> (nonblocking) entropy generation should go into libc, not into the kernel!

I'm sorry, I misread your original statement. You are correct.
[This was merely an example of a user-space program that uses a
lot more bits than pgp or ssh.]

-- 
Raul