David Honig wrote: > > At 04:45 PM 7/17/99 -0400, John Denker wrote: > >Hi Folks -- > > > >I have a question about various scenarios for an attack against IPsec by way > >of the random number generator. The people on the linux-ipsec mailing list > >suggested I bring it up here. > > >>..worries that /dev/random exhaustion -> DoS, and /dev/urandom -> PRNG after > exhaustion.. > > You are correct. There is no way around this, except to add a true RNG > to your server. With an open source OS, you can add this to the existing > /dev/[u]random code That isn't a way around it, that just gives you higher speed randomness. The obvious way to solve the underlying problem, as I've already said, is to use hashcash. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi
- Re: depleting the random numb... Sandy Harris
- Re: depleting the random number genera... Donald E. Eastlake 3rd
- Re: depleting the random number ge... Eric Murray
- Re: depleting the random number generator Russell Nelson
- Re: depleting the random number generator Mike Brodhead
- Re: depleting the random number generator Bill Stewart
- Re: depleting the random number generator James A. Donald
- Re: depleting the random number generator David Honig
- Re: depleting the random number generator Ben Laurie
- Re: depleting the random number generator Bill Stewart
- Re: depleting the random number generator Ben Laurie
- RE: depleting the random number generator Enzo Michelangeli
- RE: depleting the random number generator bram
- Re: depleting the random number generator Ben Laurie
- Re: depleting the random number genera... bram
- Re: depleting the random number genera... James A. Donald
- Re: depleting the random number ge... Arnold G. Reinhold
- Re: depleting the random numb... David Wagner
- Re: depleting the random ... James A. Donald