dom" numbers. Do they use hardware of software?
There would be some interesting attack possibilities if they were to
use LCGs with small states, but surely they'd be smarter than that ;)
-d
--
| ``The power of accurate observation is | Damien Miller <[EMAIL PROTECTED]>
|
You can do this using ppp over stunnel[1], a SSL wrapper tool.
-d
[1] http://www.stunnel.org/
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
traffic, not content).
I find it difficult to believe that NAPs aren't using a switched
architecture, which should make this sort of thing much more difficult
(barring ARP tricks).
-d
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.m
implicitly illegal?
--d
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
keep old hardware / software around to recoved old data.
A cleaned up secsplit which uses /dev/urandom for randomness can be
found at http://www.mindrot.org/misc/secsplit-1.2.tar.gz
-d
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
/dev/random as the IV, but this may
be overkill.
Would the system be weakened if I was to use just the block number?
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -
s mean they can wiretap Australian conversations
> as well?
"They" have been able to do this for years.
Regards,
Damien Miller
- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or-
ralia Post's failed KeyPOST CA did this too. I suspect part of
the reason for their failure was avoidance by clued-in users.
Damien
- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTE
chip by the very same vendor.
You don't see the inconsistency?
Regards,
Damien Miller
- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
-BEGIN PG
ve
compromised the system.
This is doubly interesting given you choice of operating system
(as mentioned in your .sig).
Regards,
Damien Miller
- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Emai
and number of bits credited to the KRNG are all user configurable.
There is an alpha version at:
http://toad.ilogic.com.au/~dmiller/files/audio-entropyd-0.0.0.tar.gz
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - ht
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
em - if the
> randomness source starts spewing after only getting 40 bits of entropy
> then it's wide open to attack, regardless of how much whitening it does on
> the output.
Good point - it makes sense to modify the random driver to not output
until a lower bound of entropy has been collected.
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
riginal source
helps quite a bit.
Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
14 matches
Mail list logo