[Cryptography] randomness +- entropy

Jerry Leichter leichter at lrw.com
Wed Nov 13 15:33:02 EST 2013


On Nov 12, 2013, at 8:54 PM, Bill Stewart wrote:
> Most applications can wait.... The one potential example I can think of is hard drive encryption -
> it definitely needs good (pseudo)randomness,
Why?  It's not like you're going to need to generate a new key; nor do disk encryption modes typically require an IV or any other associated random value.  (They are typically block by block, so there's no room to store anything beyond the encrypted block itself.)

Beyond that ... what data could *need* encryption?  By hypothesis, everything the system does is predictable to an opponent - otherwise we'd have our random seed.  What's the point in encrypting data an opponent can already predict?

> and needs to start pretty early in the boot process
> so other applications can have a file system to write to,
> and I'd prefer not to have a system that starts out
> writing unencrypted/badly encrypted data and then updates it,
> though I suppose you don't typically have any user data that early.
> (BTW, does an encrypted disk drive provide any useful seed material for future boots?)
It depends on what you wrote there - and on whether you're concerned that an attacker could have gotten his hands on it.  If you're not concerned about an attacker who could see the physical disk, the raw data stored in an encrypted file system is a pretty good seed.  If you think someone could get access to the physical disk, but that they wouldn't have the key, then you can store all the state you want, securely per hypothesis, within one or more encrypted file systems.

> Are there any network processes that need crypto before running?
> Applications like sshd and https obviously do, so you need /dev/*random running before you can use them for system administration, but they probably don't need to be ready early.
There really should not be.  Of course, people make dumb decisions all the time, and then find it easy to convince themselves that what they did is *right* and must be supported.  http://xkcd.com/1172/  In that direction madness lies.

                                                        -- Jerry


