Re: depleting the random number generator

1999-07-18 Thread Ben Laurie
David Honig wrote:
>
> At 04:45 PM 7/17/99 -0400, John Denker wrote:
> >Hi Folks --
> >
> >I have a question about various scenarios for an attack against IPsec by way
> >of the random number generator. The people on the linux-ipsec mailing list
> >suggested I bring it up here.
>
> >>..worries

Re: depleting the random number generator

1999-07-18 Thread Donald E. Eastlake 3rd
RFC 1750 recommends the Blum Blum Shub generator.

Donald

From: bram <[EMAIL PROTECTED]>
Date: Sat, 17 Jul 1999 16:18:20 -0700 (PDT)
To: Eugene Leitl <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
In-Reply-To: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: TEXT/PLAIN; charset

Re: depleting the random number generator

1999-07-18 Thread bram
On Sun, 18 Jul 1999, Bill Stewart wrote:
> /dev/urandom will give you pseudo-random bits if it's run out of entropy,
> so you've got the security risks inherent in that.
> As David Honig points out, you can't avoid those alternatives,

Yes you can, if there's a 'pool' of entropy in memory which

Re: depleting the random number generator

1999-07-18 Thread Bill Stewart
At 10:04 PM 7/17/99 -0700, Mike Brodhead wrote:
>> Step 3a) If Whitney is getting key material from /dev/random, the result is
>> a denial of service. All the IPsec tunnels will time out and will be
>> replaced slowly or not at all, because of the entropy shortage.
>
>seems to me that the reaso

Re: depleting the random number generator

1999-07-18 Thread Sandy Harris
bram wrote:
>
> > > Most of the fancy reseedable PRNG schemes people have come up with are
> > > based on using secure hashes.
> >
> > They are sure validated, but are they the best we can do? MD5, the
> > nonplusultra, really?
>
> The main reason for secure hashes being the primary primitive us

Re: depleting the random number generator

1999-07-18 Thread David Honig
At 04:45 PM 7/17/99 -0400, John Denker wrote:
>Hi Folks --
>
>I have a question about various scenarios for an attack against IPsec by way
>of the random number generator. The people on the linux-ipsec mailing list
>suggested I bring it up here.
>>..worries that /dev/random exhaustion -> DoS,

Re: depleting the random number generator

1999-07-18 Thread bram
On Sat, 17 Jul 1999, Eugene Leitl wrote:
> bram writes:
>
> > Most of the fancy reseedable PRNG schemes people have come up with are
> > based on using secure hashes.
>
> They are sure validated, but are they the best we can do? MD5, the
> nonplusultra, really?

The main reason for secure has