Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Russ Nelson <nelson <at> crynwr.com>
Subject: Re: [RNG] on RNGs, VM state, rollback, etc.
Newsgroups: gmane.comp.encryption.general
Date: Sunday 20th October 2013 04:38:31 UTC (over 3 years ago)
John Denker writes:
 > On 10/19/2013 09:27 AM, Russ Nelson wrote:
 > >> Go ahead and mix in stuff like the RTC and the MAC address 
 > >> if you want, but you'll have a hard time convincing anybody
 > >> that such things are sufficient.
 > > 
 > > I just convinced you that the number of bits contributed to the
 > > entropy at start-up time is small, didn't I? If I didn't, why didn't
 > > I?
 > 
 > Uhhh, that's the answer to a different question.  We
 > agree that the amount of available entropy is "small".
 > My point is that it is too small.

Crypto without a threat model is like cookies without milk.

You're making a claim about the security of a cryptographic algorithm
without specifying the threat model. You are, technically, in a state
of sin. I forgive you my son. Your penance is to memorize another 30
digits of pi.

-- 
--my blog is at    http://blog.russnelson.com
Crynwr supports open source software
521 Pleasant Valley Rd. | +1 315-600-8815
Potsdam, NY 13676-3213  |     Sheepdog       
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
 
CD: 2ms