[clug] entropy

Jepri jepri at webone.com.au
Sun Aug 31 10:35:36 EST 2003


Kim Holburn wrote:

>At 11:10 AM +1000 2003/08/30, Martijn van Oosterhout wrote:
>
>>On Sat, Aug 30, 2003 at 08:55:44AM +1000, Kim Holburn wrote:
>>
>>>Apparently the consensus is that you can't use the network device for
>>>entropy "because an attacker might potentially control input and make it
>>>non-random".  Is this possible?  I don't know.
>>
>>I've always thought this a bit strange. I'm not convinced that an attacker
>>can control the timing accurately enough to predict the very last bit of the
>>CPU cycle counter which flips maybe a billion times a second. At this level
>>you're talking about DRAM latency timings and whether or not things are in
>>cache. One bit of entropy per network packet would be enough for most
>>things.
>>
I'm not the best at cryptanalysis, but I don't think they're worried 
that the attacker can predict anything, only that the attacker might be 
able to find a pattern after the attack.

I think the fear is that since all network equipment runs on 
deterministic machinery, anything they do is determined by a previous 
state.  If you can affect that state in any way, you can affect the 
outcome and deduce what happened in between. 

In theory, anyway.
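One way to put numbers on the two properties argued over in this thread (whether the counter's low bit at packet arrival is biased, and Jepri's point that a deterministic source can make each sample predictable from the previous state), as an added example that is not from the thread or from any kernel code: it estimates plain and first-order conditional min-entropy of the low bits of inter-arrival deltas. The counter streams are constructed, and the 0.9-bit acceptance floor is an assumed threshold.

```python
import math
import random
from collections import Counter

def lsb_stream(cycle_counts, bits=1):
    """Low `bits` bits of each inter-arrival delta of a cycle-counter sample series."""
    mask = (1 << bits) - 1
    return [(b - a) & mask for a, b in zip(cycle_counts, cycle_counts[1:])]

def min_entropy(symbols):
    """Min-entropy per symbol: -log2 of the most frequent symbol's probability."""
    counts = Counter(symbols)
    p_max = max(counts.values()) / len(symbols)
    return -math.log2(p_max)

def conditional_min_entropy(symbols):
    """First-order Markov estimate: how well the previous symbol predicts the next.
    Captures the 'determined by a previous state' worry; an alternating 0101... stream
    has full min-entropy but zero conditional min-entropy."""
    pairs = Counter(zip(symbols, symbols[1:]))
    prev_totals = Counter(symbols[:-1])
    total = sum(prev_totals.values())
    h = 0.0
    for prev, n_prev in prev_totals.items():
        p_max = max(c for (a, _), c in pairs.items() if a == prev) / n_prev
        h += (n_prev / total) * -math.log2(p_max)
    return h

def assess(cycle_counts, bits=1, floor=0.9):
    """Return (min_entropy, conditional_min_entropy, ok) for the low bits of the
    arrival deltas; `ok` means both estimates reach `floor` bits per extracted bit."""
    s = lsb_stream(cycle_counts, bits)
    h1, h2 = min_entropy(s), conditional_min_entropy(s)
    return h1, h2, h1 >= floor * bits and h2 >= floor * bits

# Constructed sample streams (not measurements): jittery arrivals vs. perfectly paced ones.
def jittery_counts(n, seed=1):
    rng = random.Random(seed)
    t, out = 0, []
    for _ in range(n):
        t += 1_000_000 + rng.randrange(0, 50_000)  # ~1 ms plus cache/DRAM-like jitter
        out.append(t)
    return out

def paced_counts(n):
    return [i * 1_000_000 for i in range(n)]  # identical deltas: no entropy at all

if __name__ == "__main__":
    for name, c in (("jittery", jittery_counts(20000)), ("paced", paced_counts(20000))):
        print(name, assess(c))
```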
