[Cryptography] In search of random numbers

Hanno Böck hanno at hboeck.de
Fri Oct 24 18:40:20 EDT 2014

On Fri, 24 Oct 2014 11:02:51 -0700,
Bear <bear at sonic.net> wrote:

> On Fri, 2014-10-24 at 06:46 +0200, Stephan Neuhaus wrote:
> > On 2014-10-24 02:09, Tom Mitchell wrote:
> > > What "early" needs are there for entropy?
> > 
> > Most SSH keys are generated on first-time boot.
> This is dumb.  
> This is bad design.

Do you have a smart alternative? What should these devices do? Pre-load
them with a key? (I don't particularly like that idea.) Tell users they
need to generate a key on their desktop for their new Internet of Things
light switch?

> We don't need to be providing early boot-time entropy; 
> we need to be educating people that any design which 
> requires early boot-time entropy is a mistake. 

Basically most exploit-mitigation techniques (ASLR, stack canaries)
these days require some kind of randomness. Sequence numbers should be
random. There are a number of reasons in-kernel and early boot
processes need good randomness.

Hanno Böck

mail/jabber: hanno at hboeck.de