[8073] in cryptography@c2.net mail archive
Re: Lots of random numbers
daemon@ATHENA.MIT.EDU (Rich Salz)
Fri Nov 17 10:17:33 2000
Message-ID: <3A148FE9.CFBDD002@caveosystems.com>
Date: Thu, 16 Nov 2000 20:54:49 -0500
From: Rich Salz <rsalz@caveosystems.com>
MIME-Version: 1.0
To: cryptography@c2.net
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Thanks, all, for the review; I greatly appreciate it.
The overall system will be online, and on the net, generating keys 24x7. I can
follow best practices to firewall the network, and physical access by an
adversary is impossible (I now this is a strong statement, but it *is* outside
of my threat model). The keygen machines would periodically grab some entropy
over the local net and mix it into their own; this is to help reduce costs of
requiring custom hardware everywhere. The idea for outside entropy is to have
an auditable (evidentiary) event that adds to the strength of the generated
keys.
Thanks again for (continued) commentary.
/r$
