Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 18 Aug 2002 01:49:51 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 18 Aug 2002 01:49:51 -0400 Received: from waste.org ([209.173.204.2]:20454 "EHLO waste.org") by vger.kernel.org with ESMTP id ; Sun, 18 Aug 2002 01:49:50 -0400 Date: Sun, 18 Aug 2002 00:53:48 -0500 From: Oliver Xymoron To: Andreas Dilger , linux-kernel Subject: Re: [PATCH] (0/4) Entropy accounting fixes Message-ID: <20020818055348.GN21643@waste.org> References: <20020818021522.GA21643@waste.org> <20020818025913.GF21643@waste.org> <20020818052808.GS9642@clusterfs.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020818052808.GS9642@clusterfs.com> User-Agent: Mutt/1.3.28i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1839 Lines: 41 On Sat, Aug 17, 2002 at 11:28:08PM -0600, Andreas Dilger wrote: > > Even so, I would agree with Linus in the thought that being "too > paranoid" makes it basically useless. If you have people sniffing > your network right next to the WAN side of your IPSec firewall with > GHz network analyzers and crafting packets to corrupt your entropy > pool, then chances are they could just as easily sniff the LAN side > of your network and get the unencrypted data directly. The same > holds true for keystroke logging (or spy camera) to capture your pass > phrase instead of trying an incredibly difficult strategy to "influence" > the generation of this huge key in advance. Actually, my attack model here assumes a hostile LAN. GHz WAN is fairly uncommon. This design comes from an entropy pool I made from scratch for another system and fixed what I thought the deficits are in the Linux model. Current Linux a) overestimates entropy b) can't incorporate untrusted data c) doesn't sample from the network at all. I think if I'd broken this up this way: piece 1a: mix in untrusted data without accounting it piece 1b: start sampling the network as untrusted data piece 2a: clean up bogosity in entropy accounting ..no one would have objected. > In the end, if you make it so hard to extract your secrets in a stealthy > manner, they will just start with a few big guys and a rubber hose... Oddly enough, I came home today from running errands to discover that someone had tried brute-forcing my front door with a crowbar. -- "Love the dolphins," she advised him. "Write by W.A.S.T.E.." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/