
Re: linux random capabilities ...



Jean-Francois Dive <jef@linuxbe.org> wrote:

> I was talking to a friend, and he was describing the inability of PC
> based security devices to have proper pseudo-random number generation.
> This sounded to me like something that needed some investigation. My
> general question is: has anyone ever heard about any type of
> cryptographic attack using flaws in the random number generation?

   There is no such thing as randomness.  Only order of infinite
   complexity.
      - _The Holographic Universe_, Michael Talbot

Apparently there was an attack on early Netscape browsers that
attacked the PRNG; see http://www.counterpane.com/yarrow.html
There's a white paper on the topic there too.

I think TCP sequence number prediction might be another example - see
http://www.engarde.com/software/seqnum.php

The Linux kernel keeps an 'entropy pool', which is stirred every time you
press a key, access the disk, move the mouse, and, with a patch from Robert
Love's site (http://www.tech9.net/rml/linux/), every time the network is
used too (very necessary for servers in racks IMHO). You can get random
numbers out via /dev/random or /dev/urandom.  These are cryptographically
strong, though they don't come out at one hell of a rate.  Unless, of
course, your Intel motherboard has a hardware entropy collector (gets its
numbers from ambient heat fluctuations, apparently) and you have turned
that option on in the Linux kernel compile.

On the userspace side of things, there's the Math::TrulyRandom Perl
module, which uses fluctuations in the system timer to get some of
that much-loved entropy.  This takes some time but also produces
pretty good random numbers.
--
   Sam Vilain, sam@vilain.net     WWW: http://sam.vilain.net/
    7D74 2A09 B2D3 C30F F78E      GPG: http://sam.vilain.net/sam.asc
    278A A425 30A9 05B5 2F13

  The end move in politics is always to pick up a gun.
BUCKMINSTER FULLER
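The entropy pool design Sam describes above (events stirred in, output hashed out, /dev/random refusing to answer when its entropy estimate runs low while /dev/urandom always answers), reduced to a toy model as an added example. This is constructed illustration code, not the kernel's pool, not Math::TrulyRandom, and not code from anyone in the thread; the event strings and the per-event credit of 2 bits are made-up values, and the EntropyPool class and its method names are this example's own. The one real interface it touches is os.urandom and the Linux /proc/sys/kernel/random/entropy_avail file, which it reads only if present.

```python
import hashlib
import os
import time


class EntropyPool:
    """Toy /dev/random-style pool (constructed example, not kernel code).

    Events (key presses, disk I/O, mouse moves, timer jitter ...) are hashed
    into the state. Output is always derived by hashing the state, never by
    exposing the state itself, so knowing an output does not reveal the pool.
    """

    def __init__(self) -> None:
        self.state = hashlib.sha256(b"pool-init").digest()
        self.entropy_bits = 0   # conservative estimate of unpredictability
        self.counter = 0

    def mix(self, event: bytes, credited_bits: int) -> None:
        # Stir the event in. Credit only a few bits per event: an observer may
        # already know most of the timing, so over-crediting is the real risk.
        self.state = hashlib.sha256(self.state + event).digest()
        self.entropy_bits = min(self.entropy_bits + credited_bits, 256)

    def _extract(self, nbytes: int) -> bytes:
        out = b""
        while len(out) < nbytes:
            self.counter += 1
            out += hashlib.sha256(
                self.state + self.counter.to_bytes(8, "big")).digest()
        # Advance the state after every read so an attacker who later captures
        # the pool cannot reconstruct earlier output.
        self.state = hashlib.sha256(b"advance" + self.state).digest()
        return out[:nbytes]

    def read_blocking(self, nbytes: int) -> bytes:
        """Like /dev/random: refuse when the entropy estimate is too low."""
        needed = nbytes * 8
        if self.entropy_bits < needed:
            raise BlockingIOError(
                "need %d bits, have %d" % (needed, self.entropy_bits))
        self.entropy_bits -= needed
        return self._extract(nbytes)

    def read_nonblocking(self, nbytes: int) -> bytes:
        """Like /dev/urandom: always answers, but is only as unpredictable as
        what has been mixed in so far."""
        self.entropy_bits = max(0, self.entropy_bits - nbytes * 8)
        return self._extract(nbytes)


def timer_jitter_events(n: int) -> list:
    """Collect n events from clock jitter, in the spirit of Math::TrulyRandom.
    Each event is the raw nanosecond counter; only its low bits vary
    unpredictably, which is why mix() should credit them sparingly."""
    return [time.perf_counter_ns().to_bytes(8, "big") for _ in range(n)]


def os_random_bytes(n: int) -> bytes:
    """The real thing: os.urandom reads the kernel's pool (/dev/urandom on
    Linux). Use this, not the toy above, for keys and nonces."""
    return os.urandom(n)


def kernel_entropy_estimate():
    """The kernel's own estimate, if this is Linux; None elsewhere."""
    try:
        with open("/proc/sys/kernel/random/entropy_avail") as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


# Constructed sample events: what the kernel would see from a few interrupts.
CONSTRUCTED_EVENTS = [b"key:0x1e@1001", b"disk:sector42@1003", b"mouse:12,7@1005"]

if __name__ == "__main__":
    pool = EntropyPool()
    for ev in CONSTRUCTED_EVENTS:
        pool.mix(ev, 2)
    print("credited bits after 3 events:", pool.entropy_bits)
    try:
        pool.read_blocking(16)
    except BlockingIOError as e:
        print("blocking read refused:", e)
    print("non-blocking read:", pool.read_nonblocking(16).hex())
    for ev in timer_jitter_events(64):
        pool.mix(ev, 1)
    print("blocking read after jitter:", pool.read_blocking(8).hex())
    print("kernel entropy_avail:", kernel_entropy_estimate())
    print("os.urandom:", os_random_bytes(8).hex())
```

The point worth taking from running it: two pools fed exactly the same event sequence produce exactly the same output, so the whole strength of the design rests on the events being unpredictable to an observer, which is why the entropy credit per event is kept small and why the blocking read refuses rather than guesses.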
