[Cryptography] [RNG] on RNGs, VM state, rollback, etc.
Russ Nelson
nelson at crynwr.com
Sun Oct 20 00:38:31 EDT 2013
John Denker writes:
> On 10/19/2013 09:27 AM, Russ Nelson wrote:
> >> Go ahead and mix in stuff like the RTC and the MAC address
> >> if you want, but you'll have a hard time convincing anybody
> >> that such things are sufficient.
> >
> > I just convinced you that the number of bits contributed to the
> > entropy at start-up time is small, didn't I? If I didn't, why didn't
> > I?
>
> Uhhh, that's the answer to a different question. We
> agree that the amount of available entropy is "small".
> My point is that it is too small.
Crypto without a threat model is like cookies without milk.
You're making a claim about the security of a cryptographic algorithm
without specifying the threat model. You are, technically, in a state
of sin. I forgive you my son. Your penance is to memorize another 30
digits of pi.
--
--my blog is at http://blog.russnelson.com
Crynwr supports open source software
521 Pleasant Valley Rd. | +1 315-600-8815
Potsdam, NY 13676-3213 | Sheepdog
More information about the cryptography
mailing list