BugTraq
Re: /dev/random is probably not Jul 03 2005 07:39PM
Zow Terry Brugger (zow llnl gov) (4 replies)
Re: /dev/random is probably not Jul 05 2005 04:45PM
Jack Lloyd (lloyd randombit net)
Re: /dev/random is probably not Jul 05 2005 02:59PM
Glynn Clements (glynn gclements plus com)

"Zow" Terry Brugger wrote:

> It's been a while since I looked at the /dev/random design on Linux
> (probably the early 2.4 days), however one thing that was quite
> clear was that they did not use any network I/O as entropy sources
> because an attacker, particularly one that already had control of
> other machines on the same LAN segment, could have a high degree of
> control over that source.

They don't need to have any control; simply being able to observe
network traffic means that it is no longer random (in the sense of
"unpredictable", which is what counts from a security perspective).

--
Glynn Clements <glynn (at) gclements.plus (dot) com>

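The point made in the reply above, as an added example that is not part of the original thread: an observer who only records packet arrival times, without controlling them, leaves the pool with at most log2(2J+1) bits per event, where J is the observer's timing error. The hash-based pool, the timestamps, the ±2 µs error and the public pool-derived value are all constructed assumptions, not the Linux /dev/random design.

```python
import hashlib
import itertools
import math

# Constructed sample: packet arrival times (microseconds) as stamped by the host.
HOST_TIMES = [1000213, 1004877, 1009152, 1017640]
JITTER_US = 2  # assumed: observer's timestamps are within +/-2 us of the host's

# The passive observer's record of the same four packets (constructed errors).
OBSERVED = [t + e for t, e in zip(HOST_TIMES, [1, -2, 0, 2])]


def toy_pool_output(times):
    """Toy pool: hash the event timestamps (not the Linux mixing function)."""
    data = b"".join(t.to_bytes(8, "big") for t in times)
    return hashlib.sha256(data).digest()[:16]


def residual_bits(n_events, jitter):
    """Upper bound on the entropy left once every event is seen within +/-jitter."""
    return n_events * math.log2(2 * jitter + 1)


def observer_recover(observed, jitter, known_output):
    """Enumerate every timestamp vector consistent with the observation.

    known_output is assumed to be one pool-derived value that became public
    (for example a nonce); it only serves to confirm the right candidate.
    """
    ranges = [range(t - jitter, t + jitter + 1) for t in observed]
    for tries, cand in enumerate(itertools.product(*ranges), start=1):
        if toy_pool_output(cand) == known_output:
            return list(cand), tries
    return None, (2 * jitter + 1) ** len(observed)


if __name__ == "__main__":
    out = toy_pool_output(HOST_TIMES)
    recovered, tries = observer_recover(OBSERVED, JITTER_US, out)
    total = (2 * JITTER_US + 1) ** len(HOST_TIMES)
    bits = residual_bits(len(HOST_TIMES), JITTER_US)
    print(f"128-bit output, but residual entropy <= {bits:.2f} bits")
    print(f"pool input recovered after {tries} of {total} candidates: "
          f"{recovered == HOST_TIMES}")
```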
Re: /dev/random is probably not Jul 05 2005 07:45AM
Anton Ivanov (arivanov sigsegv cx)
RE: /dev/random is probably not Jul 04 2005 11:56PM
David Schwartz (davids webmaster com)


 

Copyright 2010, SecurityFocus