Subject: Re: Tempfile vulnerabilities
From: Len Budney (lbudney-lists-bugtraq NB.NET)
Date: Thu Feb 03 2000 - 13:18:56 CST

Theo de Raadt <deraadt CVS.OPENBSD.ORG> wrote:
>
> Crypto software which uses [/dev/random] devices should be doing
> some kind of checking to make sure that they are getting at least
> good entropy.

/dev/random will not emit bytes below some entropy threshold. Somebody
draining /dev/random amounts to a DOS attack; it will begin emitting at a
snail's pace, and users of /dev/random will contend for the scarce bytes.

If lower entropy is acceptable, /dev/urandom will invoke a PRNG to
keep emitting, even when the entropy pool is depleted. The output of
/dev/urandom passes the diehard tests reasonably well, and should be
acceptable for most non-cryptographic applications.

Of course, as Werner Koch already indicated, casual applications of
"random numbers" should not waste the entropy pool.

Len.
-- Bandwidth is bad for the same reason that most programs are so slow: programmers _guess_ where the bottlenecks are rather than _profiling_. -- Dan Bernstein