Bugtraq mailing list archives

Re: Bad PRNGs revisited in FreSSH


From: Andrew Brown <atatat () ATATDOT NET>
Date: Thu, 15 Feb 2001 19:00:21 -0500

* it doesn't _quite_ degenerate to just the code
you pasted above; several timings are mixed in,
not just at seed time but over the course of the
daemon's run.

Have you estimated the total entropy supplied by this seeding activity? It needs to be (at the very least) greater than the entropy consumed in generating

you're almost comparing apples to oranges here.

1) long term server keys

these are usually generated one time: when the software is installed.

2) 'ephemeral' server RSA keys

this is the use of the entropy that most people are probably concerned
with these days, although these are *typically* generated only once an
hour.

3) session keys

these are generated by the client.  they should have their own sources
of entropy, the use of which should not affect the server.

and you missed 4) cookies

the server sends these to the client to (attempt to) defend against
tcp hijacking or ip spoofing.

--
|-----< "CODE WARRIOR" >-----|
codewarrior () daemon org             * "ah!  i see you have the internet
twofsonet () graffiti com (Andrew Brown)                that goes *ping*!"
andrew () crossbar com       * "information is power -- share the wealth."
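The question in this exchange is whether the entropy credited by the daemon's timing samples covers what the four consumers (long-term key, hourly ephemeral key, client-side session keys, per-connection cookies) draw from the PRNG. The following is an added illustration of that accounting, not code from FreSSH or from either poster. It estimates per-sample min-entropy with the most-common-value estimator of NIST SP 800-90B (an assumption of this example, chosen because it is simple and conservative), and the key and cookie sizes are placeholder parameters, not values the thread states. The constructed timing samples are deliberately low-quality so the budget runs short.

```python
import math
from collections import Counter


def mcv_min_entropy_per_sample(samples):
    """Most-common-value min-entropy estimate (NIST SP 800-90B, section 6.3.1).

    Treats the samples as i.i.d. and returns a per-sample estimate in bits,
    using the 99% upper bound on the probability of the most frequent value.
    Timing samples taken inside a daemon are neither independent nor hidden
    from a network peer, so treat the result as an upper bound on what the
    seeding is worth, not a guarantee.
    """
    n = len(samples)
    if n < 2:
        return 0.0
    p_max = max(Counter(samples).values()) / n
    spread = 2.576 * math.sqrt(p_max * (1.0 - p_max) / (n - 1))
    p_upper = min(1.0, p_max + spread)
    return max(0.0, -math.log2(p_upper))


class EntropyLedger:
    """Credits entropy from seeding, debits it on PRNG output.

    debit() refuses a request that would overdraw the pool and records it,
    which is the check the question above asks for.
    """

    def __init__(self):
        self.balance_bits = 0.0
        self.refused = []  # (purpose, bits) for every request that overdrew the pool

    def credit(self, bits):
        self.balance_bits += bits

    def debit(self, bits, purpose):
        if bits > self.balance_bits:
            self.refused.append((purpose, bits))
            return False
        self.balance_bits -= bits
        return True


def hourly_budget(timing_samples, connections_per_hour,
                  ephemeral_key_bits=1024, cookie_bits=64):
    """One hour of the server's life, using the thread's four consumers.

    Long-term keys are generated once at install time and session keys by the
    client, so neither appears in the hourly debits. Key and cookie sizes are
    placeholders (assumption), not values from FreSSH.
    """
    per_sample = mcv_min_entropy_per_sample(timing_samples)
    ledger = EntropyLedger()
    ledger.credit(per_sample * len(timing_samples))
    ledger.debit(ephemeral_key_bits, "ephemeral server key")
    for _ in range(connections_per_hour):
        ledger.debit(cookie_bits, "anti-spoofing cookie")
    return {
        "per_sample_bits": per_sample,
        "credited_bits": per_sample * len(timing_samples),
        "refused": len(ledger.refused),
        "remaining_bits": ledger.balance_bits,
    }


# Constructed sample: 3600 "timing" values (one per second) whose low six
# bits cycle through a fixed pattern, i.e. far less random than they look.
CONSTRUCTED_TIMINGS = [(i * 7919) % 64 for i in range(3600)]

if __name__ == "__main__":
    report = hourly_budget(CONSTRUCTED_TIMINGS, connections_per_hour=1000)
    print("per-sample estimate : %.2f bits" % report["per_sample_bits"])
    print("credited this hour  : %.0f bits" % report["credited_bits"])
    print("requests refused    : %d" % report["refused"])
    print("remaining in pool   : %.0f bits" % report["remaining_bits"])
```

With the constructed input the estimator credits under six bits per sample (there are only 64 distinct values), and at a thousand connections an hour the cookies, not the hourly RSA key, are what exhaust the pool; that is the apples-to-oranges point made above, that the consumers have very different rates and must be budgeted separately.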