[129652] in cryptography@c2.net mail archive

Re: On the "randomness" of DNS

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Aug 4 17:18:37 2008

Date: Sat, 02 Aug 2008 22:51:53 +0100
From: Ben Laurie <ben@links.org>
To: Philipp Gühring <pg@futureware.at>
CC: cryptography@metzdowd.com
In-Reply-To: <489185CB.2090200@futureware.at>

Philipp Gühring wrote:
> Hi,
> 
> I would suggest to use http://www.cacert.at/random/ to test the 
> randomness of the DNS source ports. Due to the large variety of 
> random-number sources that have been tested there already, it's useful 
> as a classification service of unknown randomly looking numbers.
> You just have to collect 12 MB of numbers from a DNS server and upload 
> it there. (If you get 2 Bytes per request, that's 6 million requests you 
> have to do)
> 
>>> I don't see the point of evaluating the quality of a random number
>>> generator by statistical tests.
> 
> We successfully used statistical tests to detect broken random number 
> generators, we informed the vendors and they fixed them.
> http://www.cacert.at/cgi-bin/rngresults

Are you seriously saying that the entropy of FreeBSD /dev/random is 0?

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
