[Cryptography] What's a Plausible Attack On Random Number Generation?

Joe Abley jabley at hopcount.ca
Thu Oct 31 16:29:17 EDT 2013


On 2013-10-31, at 14:48, David Mercer <radix42 at gmail.com> wrote:

> Your datacenter description is a pretty good match for what I've seen in the last 10+ years for decently high-end facilities. The main flaw I can see is in using the network for entropy on boot up, especially on first boot. As there are quite a few services starting up that need good random numbers in most systems, you are as you say going to wait a while to grab enough entropy. Your entropy collection is going to have to start so early in the boot process that you aren't going to be sending out much, if any, network traffic, and are not going to be getting much of it.

Perhaps there's an opportunity here to think about dedicated hosts in such a network with good random number sources which spray randomness around a site-local multicast scope.

Such an approach could be weakened by spraying similar (deliberately) weak randomness around the place, which implies a need to authenticate the real random spray sources (pre-shared key + signed random payload, or something).


Joe
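One way to realise the authenticated spray Joe sketches (pre-shared key plus signed payload), as an added Python example that is not from the thread: the sender tags each packet with an HMAC under the site PSK, and the receiver discards anything unauthenticated or replayed before folding the randomness into its pool by hashing rather than replacing it, so a deliberately weak spray cannot lower what the pool already holds. The packet format, the use of HMAC in place of a public-key signature, the sequence counter and the PSK value are assumptions.

```python
import hmac
import hashlib
import struct
from typing import Optional, Tuple

MAGIC = b"RSPRAY1"     # constructed packet header (assumption)
PAYLOAD_LEN = 32       # random bytes carried per spray packet
TAG_LEN = 32           # HMAC-SHA256 tag length

# Constructed pre-shared key for the demo; a real site would provision one
# per spray source out of band (assumption: PSK authentication as in the post).
PSK = hashlib.sha256(b"constructed demo pre-shared key").digest()


def make_spray(psk: bytes, seq: int, rnd: bytes) -> bytes:
    """Build one authenticated spray packet: MAGIC || seq || random || tag."""
    if len(rnd) != PAYLOAD_LEN:
        raise ValueError("payload must be exactly PAYLOAD_LEN bytes")
    body = MAGIC + struct.pack(">Q", seq) + rnd
    tag = hmac.new(psk, body, hashlib.sha256).digest()
    return body + tag


def verify_spray(psk: bytes, pkt: bytes, last_seq: int) -> Optional[Tuple[int, bytes]]:
    """Return (seq, random) if the packet is authentic and fresh, else None.
    Packets from a source without the PSK, tampered packets and replays of
    old packets are all rejected before any randomness is used."""
    if len(pkt) != len(MAGIC) + 8 + PAYLOAD_LEN + TAG_LEN or not pkt.startswith(MAGIC):
        return None
    body, tag = pkt[:-TAG_LEN], pkt[-TAG_LEN:]
    expected = hmac.new(psk, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    seq = struct.unpack(">Q", body[len(MAGIC):len(MAGIC) + 8])[0]
    if seq <= last_seq:                          # replay of an already-seen packet
        return None
    return seq, body[len(MAGIC) + 8:]


def mix_into_pool(pool: bytes, rnd: bytes) -> bytes:
    """Fold received randomness into the local pool by hashing, never by
    replacing it: a low-entropy contribution cannot reduce what is already there."""
    return hashlib.sha256(b"pool" + pool + rnd).digest()


def receive(psk: bytes, pool: bytes, pkt: bytes, last_seq: int) -> Tuple[bytes, int]:
    """Process one packet; returns the (possibly unchanged) pool and last_seq."""
    result = verify_spray(psk, pkt, last_seq)
    if result is None:
        return pool, last_seq
    seq, rnd = result
    return mix_into_pool(pool, rnd), seq
```

The counter only catches replays within one receiver's uptime; a host on first boot has no prior sequence to compare against, which is exactly the case the thread worries about, so a real design needs a freshness mechanism beyond this sketch.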