55 messages in org.freebsd.freebsd-currentRe: entropy reseeding is totally broken| From | Sent On | Attachments |
|---|---|---|
| Андрей Чернов | Oct 19, 2000 9:48 pm | |
| Udo Schweigert | Oct 19, 2000 10:57 pm | |
| Андрей Чернов | Oct 19, 2000 11:39 pm | |
| Андрей Чернов | Oct 19, 2000 11:51 pm | |
| Doug Barton | Oct 20, 2000 1:18 am | |
| Андрей Чернов | Oct 20, 2000 9:27 am | |
| Андрей Чернов | Oct 20, 2000 9:43 am | |
| Mark Murray | Oct 20, 2000 10:06 am | |
| Андрей Чернов | Oct 20, 2000 1:13 pm | |
| Warner Losh | Oct 24, 2000 11:15 am | |
| Terry Lambert | Oct 25, 2000 3:35 am | |
| Андрей Чернов | Oct 25, 2000 3:50 am | |
| Mark Murray | Oct 25, 2000 10:37 am | |
| Андрей Чернов | Oct 25, 2000 11:12 am | |
| Wesley Morgan | Oct 25, 2000 2:15 pm | |
| Mark Murray | Oct 25, 2000 3:12 pm | |
| John W. De Boskey | Oct 25, 2000 4:20 pm | |
| Wesley Morgan | Oct 25, 2000 4:50 pm | |
| Mark Murray | Oct 25, 2000 5:01 pm | |
| Doug Barton | Oct 25, 2000 9:28 pm | |
| Ed Hall | Oct 26, 2000 12:30 am | |
| David O'Brien | Oct 26, 2000 12:50 am | |
| Андрей Чернов | Oct 26, 2000 1:47 am | |
| Kris Kennaway | Oct 26, 2000 2:17 am | |
| Kris Kennaway | Oct 26, 2000 2:21 am | |
| Андрей Чернов | Oct 26, 2000 2:54 am | |
| Андрей Чернов | Oct 26, 2000 3:01 am | |
| Rod Taylor | Oct 26, 2000 3:30 am | |
| Андрей Чернов | Oct 26, 2000 3:34 am | |
| Jordan Hubbard | Oct 26, 2000 5:20 am | |
| John W. De Boskey | Oct 26, 2000 6:24 am | |
| Matt Dillon | Oct 26, 2000 9:55 am | |
| Mark Murray | Oct 26, 2000 10:06 am | |
| Mark Murray | Oct 26, 2000 10:17 am | |
| John Baldwin | Oct 26, 2000 11:06 am | |
| Андрей Чернов | Oct 26, 2000 11:36 am | |
| Terry Lambert | Oct 26, 2000 12:04 pm | |
| Mark Murray | Oct 26, 2000 12:39 pm | |
| Doug Barton | Oct 26, 2000 12:49 pm | |
| David O'Brien | Oct 26, 2000 1:26 pm | |
| Mark Murray | Oct 26, 2000 1:29 pm | |
| Matt Dillon | Oct 26, 2000 1:47 pm | |
| Mark Murray | Oct 26, 2000 2:02 pm | |
| Ed Hall | Oct 26, 2000 2:03 pm | |
| Matt Dillon | Oct 26, 2000 2:25 pm | |
| Doug Barton | Oct 26, 2000 2:44 pm | |
| Poul-Henning Kamp | Oct 26, 2000 2:51 pm | |
| Wesley Morgan | Oct 26, 2000 3:07 pm | |
| David O'Brien | Oct 26, 2000 3:15 pm | |
| Poul-Henning Kamp | Oct 26, 2000 3:18 pm | |
| Jim Bryant | Oct 26, 2000 3:29 pm | |
| Mark Murray | Oct 26, 2000 3:56 pm | |
| Doug Barton | Oct 26, 2000 9:00 pm | |
| Terry Lambert | Oct 27, 2000 5:19 pm | |
| Doug Barton | Oct 27, 2000 7:18 pm |
| Subject: | Re: entropy reseeding is totally broken | |
|---|---|---|
| From: | Doug Barton (Dou...@gorean.org) | |
| Date: | Oct 26, 2000 12:49:25 pm | |
| List: | org.freebsd.freebsd-current | |
On Thu, 26 Oct 2000, John Baldwin wrote:
How about when I hit the reset button? That case SHOULD be taken care of too! Would it not be possible to sample /dev/random to store the entropy every hour or so that the system runs? Atleast that way you would be guarenteed to have something.
And if a malicious user on your machine grabs the saved entropy file and then reboots your machine using some exploit of some sort? Granted neither of these tasks may be easy, and it could be done in such a way that the first requires root access.
I stated this same objection until I actually attended Mark's presentation at the 'con. The yarrow algorithm uses an encrypted hash for the entropy on the way in, and encrypts the output on the way out. This would make it extremely difficult to guess the state at reboot, even if we weren't picking up new entropy sources during the boot process.
Pending Mark's approval, I'd like to suggest we add a cron job to dump X k of data from /dev/random to a file (/boot/.periodic_entropy maybe?) and use that, AND ${entropy_file:/var/db/entropy} to reseed at boot, and only do the "long, annoying" failover process if neither file exists. The only remaining questions would be how many k of data to dump how often.
Doug
-- "The dead cannot be seduced." - Kai, "Lexx"
Do YOU Yahoo!?
To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message