[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: True random numbers

To: [email protected]
Subject: Re: True random numbers
From: "Sandy Harris" <[email protected]>
Date: Sat, 17 Feb 96 21:25:58 -0400
Reply-To: <[email protected]>
Sender: [email protected]

Deranged Mutant  <[email protected]> wrote:

>[email protected] wrote:
>> 
>> I was trying to think of a way to come up with true random numbers...
>> And knowing a bit of UNIX socket TCP/IP programming I made a small [..]
>
>I wouldn't trust the samples taken from networked sources.

Me neither, in general.

A possible exception: I wonder if the checksums on Ethernet or IP
packets use a reasonably strong CRC algorithm. If so, they might be
a decent source of randomness in an environment where you could be
sure the Black Hats couldn't see them. e.g. using only packets from
your own LAN, suitably protected by firewall & good administration.

>You're better
>off with a kernel patch that samples from local sources directly like 
>disk or keyboard timing variations... such patches already exist, with 
>similar drivers developed for DOS and OS/2 systems as well.

I'd be more inclined to hash the kernel's internal tables, e.g. process
& file descriptor tables. These should vary quite a lot & if the enemy
can see them, random number quality is the least of your worries.

RFC 1750 is a good reference on this problem.
 --
 Sandy Harris
 [email protected]

Follow-Ups:
- Re: True random numbers
  - From: [email protected]

Prev by Date: Re: Legal status of Indian Reservations and CDA
Next by Date: Privacy and Information Disclosure
Prev by thread: Re: True random numbers
Next by thread: Re: True random numbers
Index(es):
- Date
- Thread