[5137] in cryptography@c2.net mail archive


Re: depleting the random number generator

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Jul 19 00:51:08 1999

Date: Sun, 18 Jul 1999 21:28:39 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: David Honig <honig@sprynet.com>
Cc: John Denker <jsd@research.att.com>, cryptography@c2.net

David Honig wrote:
> 
> At 04:45 PM 7/17/99 -0400, John Denker wrote:
> >Hi Folks --
> >
> >I have a question about various scenarios for an attack against IPsec by way
> >of the random number generator.  The people on the linux-ipsec mailing list
> >suggested I bring it up here.
> 
> >>..worries that /dev/random exhaustion -> DoS, and /dev/urandom -> PRNG after
> exhaustion..
> 
> You are correct.  There is no way around this, except to add a true RNG
> to your server.  With an open source OS, you can add this to the existing
> /dev/[u]random code

That isn't a way around it, that just gives you higher speed randomness.

The obvious way to solve the underlying problem, as I've already said,
is to use hashcash.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi

