[157255] in North American Network Operators' Group
Re: best way to create entropy?
daemon@ATHENA.MIT.EDU (Jussi Peltola)
Thu Oct 11 20:43:47 2012
Date: Fri, 12 Oct 2012 03:43:35 +0300
From: Jussi Peltola <pelzi@pelzi.net>
To: nanog@nanog.org
In-Reply-To: <CAHsqw9vBE-St1gXfS23-2DeFRx_jK7w2p8cWNbU0tr230=7cew@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Oct 11, 2012 at 05:25:37PM -0700, Jonathan Lassoff wrote:
> Yes, but then you're also introducing a way for an external attacker
> to transmit data that can be mixed into your entropy pool.
XORring predictable data to random data does not yield a predictable
result. /dev/random is world writable so if writing to it causes the
random generator to output something predictable it's a bug that needs
to be fixed. Also, an analog TV receiver will always have some noise that is
not predictable even if you are transmitting a known signal to it.
If you seriously need good entropy for cryptography, I think you will not
ask about it on nanog, and I'd be very wary of cheap hardware RNGs too.