Re: /dev/random: really secure?

From: Jamie Lokier (lk@tantalophile.demon.co.uk)
Date: Mon Dec 18 2000 - 15:38:01 EST

Next message: Tim Waugh: "Re: Linux 2.4.0test13pre3ac1"
Previous message: Chris Lattner: "Re: [Korbit-cvs] Re: ANNOUNCE: Linux Kernel ORB: kORBit"
In reply to: David Schwartz: "RE: /dev/random: really secure?"
Next in thread: Theodore Y. Ts'o: "Re: /dev/random: really secure?"
Reply: Theodore Y. Ts'o: "Re: /dev/random: really secure?"
Reply: David Schwartz: "RE: /dev/random: really secure?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Schwartz wrote:
> The code does its best to estimate how much actual entropy it is gathering.

A potential weakness. The entropy estimator can be manipulated by
feeding data which looks random to the estimator, but which is in fact
not random at all.

-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/

Next message: Tim Waugh: "Re: Linux 2.4.0test13pre3ac1"
Previous message: Chris Lattner: "Re: [Korbit-cvs] Re: ANNOUNCE: Linux Kernel ORB: kORBit"
In reply to: David Schwartz: "RE: /dev/random: really secure?"
Next in thread: Theodore Y. Ts'o: "Re: /dev/random: really secure?"
Reply: Theodore Y. Ts'o: "Re: /dev/random: really secure?"
Reply: David Schwartz: "RE: /dev/random: really secure?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Dec 23 2000 - 21:00:23 EST