Subject: Re: insufficient entropy for rnd
To: Daniel Carosone <dan@geek.com.au>
From: None <itojun@iijlab.net>
List: tech-crypto
Date: 08/13/2003 11:14:22

>It is the reason device-type net is disabled by default, and it's
>not a serious risk. Anyone who can predict the arrival time of a
>network packet interrupt (and subsequent processing) within the
>precision of a CPU cycle counter has enough control over your
>machine that randomness is irrelevant.

my understanding was that it is not a problem with "who can predict the
arrival time of a network packet interrupt", but "arrival time of
network packet interrupt may not be random enough" (like every 1
second). anyways precision of clock device used by rnd(4) would be
an important factor here.
itojun