[Cryptography] randomness +- entropy
Bill Frantz
frantz at pwpconsult.com
Thu Nov 7 10:15:28 EST 2013
On 11/6/13 at 8:16 PM, leichter at lrw.com (Jerry Leichter) wrote:
>In fact, though, I can think of one simple example: A CD Linux
>image used precisely to conduct operations we want to keep
>secure. For example, there's a suggestion that small
>businesses use exactly such a thing to do their on-line
>banking, as their usual systems are way too vulnerable to
>various kinds of malware (and small businesses have been
>subject to attacks that bankrupted them). The CD itself can't
>carry a seed, as it will be re-used repeatedly. It has to come
>up quickly, and on pretty much any hardware, to be useful. You
>could probably get something like Turbid in there - but there
>are plenty of CD's around already that have little if anything.
In this case there is an active UI with an attached keyboard and
mouse. It is probably a really major change to Linux boot, but
use any excuse to get user to move the mouse and you have plenty
of "randomness" to seed the RNG.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Privacy is dead, get over | Periwinkle
(408)356-8506 | it. | 16345
Englewood Ave
www.pwpconsult.com | - Scott McNealy | Los Gatos,
CA 95032
More information about the cryptography
mailing list