
Re: [RNG] on RNGs, VM state, rollback, etc.

From:  Russ Nelson <nelson-AT-crynwr.com>
To:  John Denker <jsd-AT-av8n.com>
Subject:  Re: [RNG] on RNGs, VM state, rollback, etc.
Date:  Sun, 20 Oct 2013 00:38:31 -0400
Message-ID:  <21091.24135.234665.637962@desk.crynwr.com>
Cc:  Cryptography <cryptography-AT-metzdowd.com>, "rng-AT-lists.bitrot.info" <rng-AT-lists.bitrot.info>

John Denker writes:
 > On 10/19/2013 09:27 AM, Russ Nelson wrote:
 > >> Go ahead and mix in stuff like the RTC and the MAC address 
 > >> if you want, but you'll have a hard time convincing anybody
 > >> that such things are sufficient.
 > > 
 > > I just convinced you that the number of bits contributed to the
 > > entropy at start-up time is small, didn't I? If I didn't, why didn't
 > > I?
 > 
 > Uhhh, that's the answer to a different question.  We
 > agree that the amount of available entropy is "small".
 > My point is that it is too small.

Crypto without a threat model is like cookies without milk.

You're making a claim about the security of a cryptographic algorithm
without specifying the threat model. You are, technically, in a state
of sin. I forgive you, my son. Your penance is to memorize another 30
digits of pi.

-- 
--my blog is at    http://blog.russnelson.com
Crynwr supports open source software
521 Pleasant Valley Rd. | +1 315-600-8815
Potsdam, NY 13676-3213  |     Sheepdog       
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography






Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds