On the "randomness" of DNS
Ben Laurie
ben at links.org
Sat Aug 2 17:51:53 EDT 2008
Philipp Gühring wrote:
> Hi,
>
> I would suggest to use http://www.cacert.at/random/ to test the
> randomness of the DNS source ports. Due to the large variety of
> random-number sources that have been tested there already, it's useful
> as a classification service of unknown randomly looking numbers.
> You just have to collect 12 MB of numbers from a DNS server and upload
> it there. (If you get 2 Bytes per request, that's 6 million requests you
> have to do)
>
>>> I don't see the point of evaluating the quality of a random number
>>> generator by statistical tests.
>
> We successfully used statistical tests to detect broken random number
> generators, we informed the vendors and they fixed them.
> http://www.cacert.at/cgi-bin/rngresults
Are you seriously saying that the entropy of FreeBSD /dev/random is 0?
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list