> At the last place at which I worked, a few years ago, a "random
> number" was generated, and used in a FIPS 140-1 compliant
> encryption device, by capturing 128 ethernet frames in sequence
> from the local in-house network, gathering the LSB from the
> arrival time of each frame, and using those values to generate
> an encryption key. This was part of the "activation sequence"
> which had to be done, once, on each such device.
>
> Any studies out there on the randomness of such a number?
> At first glance a non-deterministic network would seem to be
> able to generate a useful number for the key.
It doesn't look like a good source of entropy. At least it wouldn't
withstand an active attack during this activation phase.
> number" was generated, and used in a FIPS 140-1 compliant
> encryption device, by capturing 128 ethernet frames in sequence
> from the local in-house network, gathering the LSB from the
> arrival time of each frame, and using those values to generate
> an encryption key. This was part of the "activation sequence"
> which had to be done, once, on each such device.
>
> Any studies out there on the randomness of such a number?
> At first glance a non-deterministic network would seem to be
> able to generate a useful number for the key.
It doesn't look like a good source of entropy. At least it wouldn't
withstand an active attack during this activation phase.
> - Bob Foxworth, GSEC, CISSP
Thomas Biege
--
Tom <tom (at) electric-sheep (dot) org [email concealed]>
fingerprint = F055 43E5 1F3C 4F4F 9182 CD59 DBC6 111A 8516 8DBF
[ reply ]