Bugtraq mailing list archives

Re: Tempfile vulnerabilities
From: lbudney-lists-bugtraq () NB NET (Len Budney)
Date: Thu, 3 Feb 2000 14:18:56 -0500

Theo de Raadt <deraadt () CVS OPENBSD ORG> wrote:

Crypto software which uses [/dev/random] devices should be doing
some kind of checking to make sure that they are getting at least
good entropy.

/dev/random will not emit bytes below some entropy threshold. Somebody
draining /dev/random amounts to a DOS attack; it will begin emitting at a
snail's pace, and users of /dev/random will contend for the scarce bytes.

If lower entropy is acceptable, /dev/urandom will invoke a PRNG to
keep emitting, even when the entropy pool is depleted. The output of
/dev/urandom passes the diehard tests reasonably well, and should be
acceptable for most non-cryptographic applications.

Of course, as Werner Koch already indicated, casual applications of
"random numbers" should not waste the entropy pool.


Bandwidth is bad for the same reason that most programs are so slow:
programmers _guess_ where the bottlenecks are rather than _profiling_.
                                -- Dan Bernstein
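
The kind of check discussed in this message, as an added example that is not part of the original post: the device is opened non-blocking so that a drained /dev/random shows up as a short read the caller can refuse, rather than as a stall. The function names `read_available` and `fill_or_refuse` are hypothetical; on kernels where /dev/random never blocks, the short-read branch is simply not taken.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Read up to `want` bytes from an fd opened with O_NONBLOCK, never stalling.
 * Returns bytes obtained (fewer than `want` if the source ran dry),
 * or -1 on a real I/O error. */
ssize_t read_available(int fd, unsigned char *buf, size_t want)
{
    size_t got = 0;
    while (got < want) {
        ssize_t n = read(fd, buf + got, want - got);
        if (n > 0)
            got += (size_t)n;
        else if (n < 0 && errno == EINTR)
            continue;               /* interrupted by a signal: retry */
        else if (n < 0 && errno != EAGAIN)
            return -1;              /* genuine failure */
        else
            break;                  /* EAGAIN or EOF: nothing more right now */
    }
    return (ssize_t)got;
}

/* Fill `buf` from `dev` or refuse: 0 = full request satisfied,
 * -2 = device would have blocked (pool drained), -1 = error. */
int fill_or_refuse(const char *dev, unsigned char *buf, size_t len)
{
    int fd = open(dev, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    ssize_t n = read_available(fd, buf, len);
    close(fd);
    if (n < 0)
        return -1;
    return (size_t)n == len ? 0 : -2;   /* a partial buffer must not be used */
}

int main(void)
{
    unsigned char key[32];
    int rc = fill_or_refuse("/dev/random", key, sizeof key);
    if (rc == -2)
        fprintf(stderr, "entropy pool drained; not generating a key\n");
    else if (rc == -1)
        perror("/dev/random");
    return rc == 0 ? 0 : 1;
}
```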
