Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: DakaRand
From: Jeffrey Walton <noloader () gmail com>
Date: Sun, 19 Aug 2012 18:51:43 -0400

On Sun, Aug 19, 2012 at 6:12 PM, Dan Kaminsky <dan () doxpara com> wrote:


On Sun, Aug 19, 2012 at 3:03 PM, Ben Laurie <ben () links org> wrote:

On Sun, Aug 19, 2012 at 9:28 PM, Dan Kaminsky <dan () doxpara com> wrote:

On Sun, Aug 19, 2012 at 10:13 AM, Ben Laurie <ben () links org> wrote:

On Sun, Aug 19, 2012 at 5:42 PM, Dan Kaminsky <dan () doxpara com> wrote:
entropy gathering has gotten *worse* (via abandonment of interrupts),
not
better.

Entropy gathering in _one particular OS_. Credit where its due, please.


My understanding is that bad keys were detected on more than just Linux,
which implies starvation on everything on everything not out of Redmond.

What interesting approaches are you aware of that deserve credit?  Not a
rhetorical question, I'm genuinely curious.

I was referring to the abandonment of interrupts in Linux. You think
that other OSes have got worse at entropy gathering? And when did
"more than Linux" start implying "not Windows"?


My assumption is that the other Unixes weren't looking at interrupt timing
to begin with, i.e. they've always been as starved for entropy as Linux
eventually became.  That being said, does VXWorks even *have* an OS provided
strong random number generator?

Windows has CryptGenRandom, which AFAIK doesn't block, and survives
everything but VM suspend/restore.

A bit dated:
* Analysis of the Linux Random Number Generator, eprint.iacr.org/2006/086.pdf
* Cryptanalysis of the Random Number Generator of the Windows
Operating System, eprint.iacr.org/2007/419.pdf

Most recent analysis of Linux RNG (AFAIK):
* Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network
Devices, https://factorable.net/paper.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault