At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
What we need is a minimum of ONE decent quality additional
entropy source, one that works for diskless IPSEC boxes.
That's unfortunately outside the scope of IPSec :-)
If you don't have random number hardware,
you can't get hardware random numbers.
At 12:35 PM -0700 8/2/99, John Denker wrote:
2) Network timing may be subject to observation and possibly manipulation
by the attacker. My real-time clocks are pretty coarse (10ms resolution).
This subthread started with a discussion of software to estimate the
entropy of a bitstream, and I
At 10:08 AM 8/4/99 -0400, D. Hugh Redelmeier wrote:
I think that this description reflects an inappropriate understanding
of entropy. Entropy is in some sense spread throughout the whole
output of /dev/urandom. You don't use entropy up, you spread it over
more and more bytes of output. This
"John" == John Denker writes:
John At 10:09 AM 8/2/99 -0400, Paul Koning wrote:
1. Estimating entropy. Yes, that's the hard one. It's
orthogonal from everything else. /dev/random has a fairly simple
approach; Yarrow is more complex.
It's not clear which is
At 10:09 AM 8/2/99 -0400, Paul Koning wrote:
1. Estimating entropy. Yes, that's the hard one. It's orthogonal
from everything else. /dev/random has a fairly simple approach;
Yarrow is more complex.
It's not clear which is better. If there's reason to worry about the
one in /dev/random, a
At 01:27 PM 8/2/99 -0400, Paul Koning wrote:
we weren't talking about "in principle" or "in general".
Sure, given an unspecified process of unknown (to me) properties I
cannot make sensible statements about its entropy. That is true but
it isn't relevant to the discussion.
Instead, we're
At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
I only remember a few proposals (2 or 3?) and they didn't seem to be
[unduly weak]. Or do you feel that what I've proposed is this
weak? If so, why? I've seen comments that say "be careful" but I
don't remember any comments suggesting that what I
"John" == John Denker writes:
John At 01:50 PM 8/2/99 -0400, Paul Koning wrote:
I only remember a few proposals (2 or 3?) and they didn't seem to
be [unduly weak]. Or do you feel that what I've proposed is this
weak? If so, why? I've seen comments that say "be
John The point is that there are a lot of customers out there who
John aren't ready to run out and acquire the well-designed hardware
John TRNG that you alluded to. So we need to think carefully about
John the gray area between the strong-but-really-expensive solution
John and the