chip-level randomness?
Bram Cohen
bram at gawth.com
Wed Sep 19 18:20:35 EDT 2001
On Wed, 19 Sep 2001, Peter Fairbrother wrote:
> Bram Cohen wrote:
>
> > You only have to do it once at startup to get enough entropy in there.
>
> If your machine is left on for months or years the seed entropy would become
> a big target. If your PRNG status is compromised then all future uses of
> PRNG output are compromised, which means pretty much everything crypto.
> Other attacks on the PRNG become possible.
Such attacks can be stopped by reseeding once a minute or so, at much less
computational cost than doing it 'continuously'. I think periodic
reseedings are worth doing, even though I've never actually heard of an
attack on the internal state of a PRNG which was launched *after* it had
been seeded properly once already.
-Bram Cohen
"Markets can remain irrational longer than you can remain solvent"
-- John Maynard Keynes
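The point being argued in this thread, that periodic reseeding limits how long a compromised PRNG state stays useful, can be made concrete with a small model. The following is an added illustration, not code from this list or from any poster: a toy HMAC-SHA256 generator (not a standardised DRBG) with an injectable clock and entropy source, plus a check that a snapshot of its state predicts output only until the next reseed. All names (`ReseedingPRNG`, `_generate`, `demo_recovery_after_reseed`) are mine, and the 60-second default only mirrors the "once a minute or so" figure above.

```python
import hashlib
import hmac
import os
import time


def _generate(key, counter, n):
    """Pure generation step shared by the generator and by the check below.

    Returns (output, new_key, new_counter). Output blocks are HMAC(key, counter);
    the key is then ratcheted forward so a state capture taken *after* a request
    does not reveal that request's output.
    """
    out = b""
    while len(out) < n:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    new_key = hmac.new(key, b"ratchet", hashlib.sha256).digest()
    return out[:n], new_key, counter


class ReseedingPRNG:
    """Toy generator that mixes fresh OS entropy into its key every
    `reseed_interval` seconds (illustration only, not a production CSPRNG).

    `entropy_source` and `clock` are injectable so the reseed behaviour can be
    exercised without waiting a real minute.
    """

    def __init__(self, reseed_interval=60.0, entropy_source=os.urandom,
                 clock=time.monotonic):
        self.reseed_interval = reseed_interval
        self.entropy_source = entropy_source
        self.clock = clock
        self.key = b"\x00" * 32
        self.counter = 0
        self.last_reseed = None
        self.reseed()  # seed once at startup, as the thread assumes

    def reseed(self):
        """Fold 32 bytes of fresh entropy into the current key.

        Someone holding the old key cannot derive the new one without `fresh`,
        which is the property that makes periodic reseeding worthwhile.
        """
        fresh = self.entropy_source(32)
        self.key = hmac.new(self.key, b"reseed" + fresh, hashlib.sha256).digest()
        self.last_reseed = self.clock()

    def _maybe_reseed(self):
        if self.clock() - self.last_reseed >= self.reseed_interval:
            self.reseed()

    def random_bytes(self, n):
        self._maybe_reseed()
        out, self.key, self.counter = _generate(self.key, self.counter, n)
        return out

    def snapshot(self):
        """Return a copy of the internal state (models a state compromise)."""
        return self.key, self.counter


def demo_recovery_after_reseed():
    """Show that a captured state predicts output only until the next reseed.

    Uses a fake clock so the 60 s interval can be crossed instantly; the entropy
    source is the real os.urandom, so the post-reseed key is unpredictable.
    """
    now = [0.0]
    gen = ReseedingPRNG(reseed_interval=60.0, clock=lambda: now[0])

    # State captured at time 0, before any output was produced.
    key, counter = gen.snapshot()

    # Inside the reseed window the captured state reproduces the output exactly:
    # this is the "all future uses are compromised" situation described above.
    predicted, key, counter = _generate(key, counter, 32)
    predictable_within_window = gen.random_bytes(32) == predicted

    # Cross the reseed interval. Fresh entropy is mixed in on the next request,
    # so the captured state no longer tracks the generator.
    now[0] = 61.0
    predicted, key, counter = _generate(key, counter, 32)
    predictable_after_reseed = gen.random_bytes(32) == predicted

    return {
        "predictable_within_window": predictable_within_window,
        "predictable_after_reseed": predictable_after_reseed,
    }


if __name__ == "__main__":
    print(demo_recovery_after_reseed())
```

The reseed itself is cheap (one HMAC over 32 fresh bytes), which is why doing it on a timer costs far less than pulling entropy for every request; the ratchet in `_generate` is what separates "state compromised now" from "all past output compromised", and the timed reseed is what bounds the future.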
---------------------------------------------------------------------
The Cryptography Mailing List