Date: Tue, 8 Aug 2000 16:04:13 +0200
From: "Andi Kleen" <ak@suse.de>
I'm not sure. One possible attack would be to try to change your
entropy pool by sending packets in the right frequency, also
e.g. regular broadcasts may not have enough jitter. One possible fix
for that would be to use a secure random generator with a secret that
selects which packets to get information from etc, but there may be
again attacks with that.
Actually, that isn't the real disaster. The real worry here is if an
attacker can break into a machine on your local network and using
tcpdump, and then be able to guestimate what the inputs to your entropy
pool is based on the network interrupts. Given that the pentium cycle
counter is mixed in, this is actually pretty difficult, but it's really
matter of how paranoid you are.
The bottom line here is that you have to worry about more than just
whether or not the attacker can influence the inputs; it's just as
important to worry about whether the attacker can know what the inputs
to your entropy pool will be.
- Ted
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Aug 15 2000 - 21:00:16 EST