Re: [PATCH] (0/4) Entropy accounting fixes

Oliver Neukum (oliver@neukum.name)
Mon, 19 Aug 2002 18:29:52 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Oliver Xymoron: "Re: Problem with random.c and PPC"
Previous message: Marco Colombo: "Re: Problem with random.c and PPC"

> Not at all. Let me (one process) read 1MB from /dev/urandom,
> and analyze it. If I can break SHA-1, I'm able to predict *future*
> /dev/urandom output, expecially if I keep draining bits from
> /dev/random.

True, but you cannot predict which task will read which part
of the output of urandom.
Also not all attackers can read from urandom.

If you really care, you might implement entropy pools
per user.

Regards
Oliver

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Xymoron: "Re: Problem with random.c and PPC"
Previous message: Marco Colombo: "Re: Problem with random.c and PPC"