Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
Is it maybe possible to receive randomness through an encrypted connection from a 'randomness'
Posted May 30, 2008 10:34 UTC (Fri) by Duncan (guest, #6647)
Hmm... your post asking the question, posted May 29, a comment subthread
discussing basically that, initial post May 22...
It might be worthwhile reading or at least scanning the existing comments
before you ask a question in your own comment...
That said, the subthread in question proposed an /unencrypted/ connection
to such a server (random.org). You at least get credit for not
making /that/ mistake. However, as I just pointed out in a reply to that
subthread, an encrypted connection probably (I'm no expert, but I believe
the usual SSL method does anyway) requires some initial entropy to setup
in the first place, so unless you fetch more than that, it's hardly worth
it, and even then, you'd have to have at least some initial good quality
entropy to setup the connection or anything received on it could hardly be
trustworthy in the first place, so it's a bit of a chicken an egg problem.
Of course, if the encryption entropy is pregenerated and stored, such as
with one-time-pads or the like, it's possible. OTOH, the longer such
pregenerated entropy is held, the more opportunity there has been to
compromise it by some means or other, so that's not a perfect solution
either. Still, it may be "good enough", but then again, the unencrypted
http solution discussed above, or indeed, the "enriched" PRNG solution
of /dev/urandom, is likely "good enough" for most general use cases as
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds