Subject: Re: insufficient entropy for rnd
To: None <itojun@iijlab.net>
From: Perry E. Metzger <perry@piermont.com>
List: tech-crypto
Date: 08/13/2003 14:34:17
itojun@iijlab.net writes:
> >It is the reason device-type net is disabled by default, and it's
> >not a serious risk. Anyone who can predict the arrival time of a
> >network packet interrupt (and subsequent processing) within the
> >precision of a CPU cycle counter has enough control over your
> >machine that randomness is irrelevant.
>
> my understanding was that it is not a problem with "who can predict the
> arrival time of a network packet interrupt", but "arrival time of
> network packet interrupt may not be random enough"
Yup. You got it. Many people think that keystroke timing is really a
lot more random than it is, too, even though the output is clocked...
Perry