[39450] in bugtraq
Re: /dev/random is probably not
daemon@ATHENA.MIT.EDU (Thomas)
Wed Jul 6 14:23:11 2005
From: Thomas <tom@electric-sheep.org>
Reply-To: tom@electric-sheep.org
To: bugtraq@securityfocus.com
Date: Wed, 6 Jul 2005 07:51:44 +0200
Cc: "Robert Foxworth" <rfoxwor1@tampabay.rr.com>
In-Reply-To: <102101c5810d$83fbea90$0f49490a@fifteen>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200507060751.45185.tom@electric-sheep.org>
> At the last place at which I worked, a few years ago, a "random
> number" was generated, and used in a FIPS 140-1 compliant
> encryption device, by capturing 128 ethernet frames in sequence
> from the local in-house network, gathering the LSB from the
> arrival time of each frame, and using those values to generate
> an encryption key. This was part of the "activation sequence"
> which had to be done, once, on each such device.
>
> Any studies out there on the randomness of such a number?
> At first glance a non-deterministic network would seem to be
> able to generate a useful number for the key.
It doesn't look like a good source of entropy. At least it wouldn't
withstand an active attack during this activation phase.
> - Bob Foxworth, GSEC, CISSP
Thomas Biege
--
Tom <tom@electric-sheep.org>
fingerprint = F055 43E5 1F3C 4F4F 9182 CD59 DBC6 111A 8516 8DBF
