Re: randomdev entropy gathering is really weak

Jeroen C. van Gelderen Mon, 17 Jul 2000 18:41:48 -0700

Poul-Henning Kamp wrote:
> 
> In message <[EMAIL PROTECTED]>, Alexander Langer writ
> es:
> >Thus spake Poul-Henning Kamp ([EMAIL PROTECTED]):
> >
> >> I have thought about adding a entropy server to my array of weird
> >> servers in my lab.  Something like a Geiger counter and a smokedetector
> >> could do wonders.
> >
> >HA! Cool!
> >
> >Do that please!
> >
> >I mean, seriously.
> >And an option to sysinstall, where you can enable this as you can with
> >ntpdate :)
> 
> DuH!
> 
> NTP is the perfect way to gather entropy at bootup!
> 
> Predicting the clock's offset from reality and the two way path to
> the server of choice is impossible, plus if people enable authentication
> later on the packets will be choke full of high-quality entropy.

Please quantify 'impossible'.

> We need an enterprising soul to add an option (default on) to
> ntpdate to write the received packets in toto to /dev/random
> if it exists.

I think we first need to figure out the security implications.

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
[EMAIL PROTECTED]  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: randomdev entropy gathering is really weak

Reply via email to