[clug] entropy

Jepri jepri at webone.com.au
Sun Aug 31 10:35:36 EST 2003

Kim Holburn wrote:

>At 11:10 AM +1000 2003/08/30, Martijn van Oosterhout wrote:
>>On Sat, Aug 30, 2003 at 08:55:44AM +1000, Kim Holburn wrote:
>>>Apparently the consensus is that you can't use the network device for
>>>entropy "because an attacker might potentially control input and make it
>>>non-random".  Is this possible?  I don't know.
>>I've always thought this a bit strange. I'm not convinced that an attacker
>>can control the timing accuratly enough to predict the very last bit of the
>>CPU cycle counter which flips maybe a billion times a second. At this level
>>you're talking about DRAM latency timings and whether not things are in
>>cache. One bit of entropy per network packet would be enough for most
I'm not the best at cryptanalysis, but I don't think they're worried 
that the attacker can predict anything, only that the attacker might be 
able to find a pattern after the attack.

I think the fear is that since all network equipment runs on 
deterministic macinery, anything they do is determined by a prevoius 
state.  If you can affect that state in any way, you can affect the 
outcome and deduce what happened in between. 

In theory, anyway.

More information about the linux mailing list