Subject: Re: CVS commit: syssrc/sys/dev/ic
To: None <tech-kern@netbsd.org>
From: Wolfgang Rupprecht <wolfgang+gnus20011109T112003@wsrcc.com>
List: tech-kern
Date: 11/09/2001 11:34:04
> > It's not dangerous; it's just not *shown* to be safe. But then, what is?
> 
> Seems to me that Bill and Perry just pointed out some very easy ways
> it *is* dangerous on a public network (or, really, any machine unwanted
> packets can reach in any way). If you can push on the network
> device, you can push on the entropy. I hope we all see why that's
> bad at this point.

Would pushing the "would-be entropy" through a crypto-system make it
non-predictable enough to prevent such attacks?  E.g. if the
inter-arrival time of packets was used to fill up an entropy pool and
the fear was that someone could stuff the pool with known data, then
could running all the data through DES/Blowfish etc. in some chained
feedback mode put a real crimp in their style?

At first glance this looks a bit like the problem people designing the
encryptions themselves have.  One needs to "diffuse" the effects of
single-bit input changes such that the output doesn't inadvertently
expose any knowledge of the internal crypto-variables.

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
Coming soon: GPS mapping tools for Open Systems. http://www.gnomad-mapping.com/
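The question above, of whether chaining the timing samples through a cipher or hash makes the pool unpredictable, can be tried out in a few lines. The following is an added illustration, not code from the NetBSD rnd driver or from anyone in the thread; it models the pool as a SHA-256 chained-feedback state (the choice of SHA-256 rather than DES/Blowfish is an assumption made for simplicity, the diffusion property is the same) and the packet inter-arrival times as small constructed integers. It shows three things a defender cares about: a one-bit change in any sample does flip roughly half the state bits (diffusion), the chain is nevertheless fully deterministic, so whoever knows or chose every sample can recompute the pool, and a single input that is unknown but drawn from a small range is recovered by trying the range, so the mixing step cannot add unpredictability that the inputs did not have.

```python
import hashlib
import struct

POOL_BYTES = 32  # size of the modelled pool state (assumption: one SHA-256 digest)


def mix(pool: bytes, sample: int) -> bytes:
    """Chained-feedback mixing step: new_state = H(old_state || sample).

    The hash diffuses every bit of the sample across the whole state, which is
    the property the post asks about. It is also a pure function of its inputs.
    """
    return hashlib.sha256(pool + struct.pack(">Q", sample)).digest()


def fill_pool(samples, seed: bytes = b"\x00" * POOL_BYTES) -> bytes:
    """Run a sequence of timing samples through the chain, starting from a
    known (all-zero) state, and return the final pool state."""
    pool = seed
    for s in samples:
        pool = mix(pool, s)
    return pool


def diffusion_distance(a: bytes, b: bytes) -> int:
    """Hamming distance in bits between two pool states."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def attacker_can_predict(known_samples, observed_pool: bytes) -> bool:
    """If an adversary knows (or scheduled) every sample and the initial
    state, recomputing the chain reproduces the pool exactly."""
    return fill_pool(known_samples) == observed_pool


def recover_unknown_sample(known_samples, target_pool: bytes, max_value: int):
    """Defender's check on how much an unknown input actually buys.

    Assume the adversary knows all samples except the last, and that the last
    one lies in 0..max_value. Return (value, trial_count) if a trial mix
    reproduces the target pool, else (None, trial_count). The hash adds no
    work beyond one mix per candidate.
    """
    prefix = fill_pool(known_samples)
    for guess in range(max_value + 1):
        if mix(prefix, guess) == target_pool:
            return guess, guess + 1
    return None, max_value + 1


if __name__ == "__main__":
    # Constructed inter-arrival times (microseconds) that a sender on the
    # wire could dictate, i.e. values the adversary knows.
    timings = [1000, 1003, 998, 1001, 1002, 999, 1000, 1004]
    flipped = list(timings)
    flipped[2] ^= 1  # 998 -> 999, a single-bit change in one sample

    print("bits changed by a 1-bit input change:",
          diffusion_distance(fill_pool(timings), fill_pool(flipped)), "of 256")
    print("adversary with all inputs reproduces pool:",
          attacker_can_predict(timings, fill_pool(timings)))

    # One input the adversary does not know, but only 8 bits' worth of it.
    target = fill_pool(timings + [77])
    print("8-bit unknown recovered as:", recover_unknown_sample(timings, target, 255))
```

The mixing step does what the post hopes for in one respect: the adversary learns nothing about the state from any output bit in isolation, and a one-bit nudge to a timing scrambles the whole pool. What it cannot do is turn known inputs into unknown state; the chain is a deterministic function, so an entropy estimate for the pool has to be based on how unpredictable the samples are to the sender, not on how thoroughly they were stirred.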