[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cryptosplit 2.0




Hal Finney writes:
 > But I did go to some
 > effort with the random-number generation on which the security of the
 > scheme depends.  My code uses the IDEA.C module from PGP for the
 > pseudo-random generator, seeding it with the time of day and an MD5
 > hash of the file being split.  So I think this should be pretty secure
 > in terms of the randomness involved.

On UNIX systems, where keystroke timing can be problematic, couldn't a
collection of various system metrics be used to provide a bunch of
reasonable pseudo-random bits?  Things like:

*	Disk space in /
*	Network activity (in/out packet counts)
*	load average
*	swap space available
*	time of day (duhh)

Of course, one would want to ensure that no monitoring or logging
software (like the stuff I work on :-) keeps coherent snapshots around
anywhere... 

--
Mike McNally