[Cryptography] In search of random numbers
Hanno Böck
hanno at hboeck.de
Fri Oct 24 18:40:20 EDT 2014
On Fri, 24 Oct 2014 11:02:51 -0700,
Bear <bear at sonic.net> wrote:
> On Fri, 2014-10-24 at 06:46 +0200, Stephan Neuhaus wrote:
> > On 2014-10-24 02:09, Tom Mitchell wrote:
> > > What "early" needs are there for entropy?
> >
> > Most SSH keys are generated on first-time boot.
>
> This is dumb.
>
> This is bad design.
Do you have a smart alternative? What should these devices do? Pre-load
them with a key? (I don't particularly like that idea) Tell users they
need to generate a key on their Desktop for their new Internet of Things
light switch?
> We don't need to be providing early boot-time entropy;
> we need to be educating people that any design which
> requires early boot-time entropy is a mistake.
Basically most exploit-mitigation techniques (ASLR, stack canaries)
these days require some kind of randomness. Sequence numbers should be
random. There are a number of reasons in-kernel and early boot
processes need good randomness.
--
Hanno Böck
http://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: BBB51E42