[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Can NSA crack PGP?

To: [email protected]
Subject: Can NSA crack PGP?
From: [email protected] (Phil Karn)
Date: Tue, 23 Nov 1993 00:59:47 -0800
Cc: [email protected]
In-Reply-To: Matt Blaze's message of Tue, 23 Nov 93 00:33:26 EST <[email protected]>

>Minor nit: I agree that keystroke timing is good in principle for getting
>"true" random bits, but we should be careful not to extrapolate too much from
>the STU-III for general purpose computer systems.

I fully agree.

>Compounding the issue is knowing which bits in the interarrival time are
>the "hotest" ones to measure on a particular system, which may be surprisingly
>far from the lowest order bits depending on the clock granularity and skew.

I think this is less of a problem. Given a good cryptograpic hash
function, I would simply hash *all* of the clock bits, without regard
to which are the "hottest" ones. If (important 'if') there is
sufficient total entropy in the input bits, hashing should effectively
"distill" the input entropy into the output bits.

Phil

Follow-Ups:
- Re: Can NSA crack PGP?
  - From: Derek Atkins <[email protected]>

References:
- Re: Can NSA crack PGP?
  - From: Matt Blaze <[email protected]>

Prev by Date: Re: Anonymity on the net
Next by Date: Re: Can NSA crack PGP?
Prev by thread: Re: Can NSA crack PGP?
Next by thread: Re: Can NSA crack PGP?
Index(es):
- Date
- Thread