On Wed, 15 Nov 2000, Rich Salz wrote:
>I'm putting together a system that might need to generate thousands of RSA
>keypairs per day, using OpenSSL on a "handful" of Linux machines. What do
>folks think of the following: take one machine and dedicate it as an entropy
>source. After 'n' seconds turn the network card into promiscuous mode, scoop
>up packets and hash them, dump them into the entropy pool. Do this for 'm'
>seconds, then go back to sleep for a while. The sleep and wake times are
>random numbers. Other systems on the network periodically make an SSL
>connection to the entropy box, read bytes, and dump it into their /dev/random
>device.
>
>Is this a cute hack, pointless, or a good idea?

It is an excruciatingly bad idea. Consider the attacker with a "sniffer"
on your network (one of your own boxes can be a sniffer, if he gets any
trojan code into it). He listens and records all the packets. He has
a starting point a hell of a lot better than random on your entropy pool.
Hence, on the entropy pool of all your machines.

You need a source of real randomness. There are commercially-produced
cards that use noisy diodes - stick one of those into the bus and run
Yarrow on the output of it.

I advise against transmitting random numbers over your network if you
can avoid it. Locally produced is best, any transmission is a potential
compromise.

Bear
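
The argument in the reply above, worked as an added example (not part of the original thread): if the pool is a hash of packets that anyone on the segment can record, the only secret left is which capture window the box used, so the pool's real entropy is bounded by the number of possible windows rather than by the digest size. The function names, the packet counts and the simplification that the observer sees the same packets in the same order are assumptions made for this illustration.

```python
import hashlib
import math

def pool_from_packets(packets):
    """The proposed entropy box: hash each captured packet into the pool."""
    pool = hashlib.sha256()
    for pkt in packets:
        pool.update(hashlib.sha256(pkt).digest())
    return pool.digest()

def candidate_windows(n_packets, max_len):
    """Every (start, length) capture window consistent with a recording."""
    return [(s, l) for l in range(1, max_len + 1)
            for s in range(n_packets - l + 1)]

def residual_entropy_bits(n_packets, max_len):
    """Upper bound on what the pool hides from a holder of the same capture."""
    return math.log2(len(candidate_windows(n_packets, max_len)))

def find_window(recorded, pool, max_len):
    """Return the window that reproduces `pool`, or None if there is none."""
    for s, l in candidate_windows(len(recorded), max_len):
        if pool_from_packets(recorded[s:s + l]) == pool:
            return (s, l)
    return None

# Constructed traffic: 300 distinct 32-byte "packets" (not real captures).
RECORDED = [hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(300)]
MAX_LEN = 40  # assumed longest capture, in packets

if __name__ == "__main__":
    # Assumed for the demo: the box woke at packet 120 and captured 17 packets.
    pool = pool_from_packets(RECORDED[120:137])
    print("pool digest bits:", len(pool) * 8)
    print("residual entropy: %.1f bits" % residual_entropy_bits(300, MAX_LEN))
    print("window recovered:", find_window(RECORDED, pool, MAX_LEN))
```

The 256-bit digest says nothing about the strength of the seed; with these constructed numbers the bound is under 14 bits, which is the figure to compare against the key sizes being generated.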