Bugtraq mailing list archives
Re: VNC authentication weakness
From: Theo de Raadt <deraadt () cvs openbsd org>
Date: Sun, 28 Jul 2002 02:16:04 -0600
> Does anyone have a better solution that doesn't involve calling entropy-gathering routines from all over the program or running a continuous entropy-gathering thread? Are there any big problems in this solution, other than that it only has (by my pessimistic estimates) about 28 bits of entropy if my "thousandlists" trick isn't really very effective? 28 bits is probably sufficient for my purposes. Is there some much simpler solution I could have more confidence in?
Yes. OpenBSD has /dev/arandom, kernel arc4random(), and libc arc4random(3) which load a chunk from the real random pool when needed, persistently permit reuse of that pool without having to rely on new entropy, and automatically reseed that pool when we perceive that the quality of it may be dropping. This type of pool is ideal for use as chaff, random ids, etc. It's the right solution for the problem you (and many others) face: Where is a very cheap source of fairly strong random data that does not deplete the critical resource of very strong random in the kernel pool?
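The design described in the reply above (take a chunk from the kernel pool, serve many requests from it, reseed on a schedule), sketched as an added example that is not OpenBSD's code and not part of the original post. The names `stream_pool`, `pool_bytes` and `RESEED_AFTER`, the byte-count reseed policy and the discard count are assumptions for illustration; RC4 is used only because it is the cipher arc4random is named after, and a real program should call arc4random(3) itself.

```c
#include <stdint.h>
#include <stdio.h>

#define SEED_LEN     32          /* bytes taken from the kernel pool per reseed */
#define RESEED_AFTER (1u << 20)  /* assumed output budget between reseeds */
typedef int (*seed_fn)(uint8_t *buf, size_t len);  /* returns 0 on success */

struct stream_pool {
    uint8_t s[256], i, j;  /* RC4 state */
    size_t budget;         /* output bytes left before the next reseed */
    unsigned reseeds;      /* how many times the kernel pool was read */
    seed_fn seed;
};
/* Usage: struct stream_pool p = { .seed = kernel_seed }; pool_bytes(&p, buf, 16); */

int kernel_seed(uint8_t *buf, size_t len) {  /* strong but costly source */
    FILE *f = fopen("/dev/urandom", "rb");
    size_t n = f ? fread(buf, 1, len, f) : 0;
    if (f) fclose(f);
    return n == len ? 0 : -1;
}

static uint8_t rc4_next(struct stream_pool *p) {
    p->i++; p->j += p->s[p->i];
    uint8_t t = p->s[p->i]; p->s[p->i] = p->s[p->j]; p->s[p->j] = t;
    return p->s[(uint8_t)(p->s[p->i] + p->s[p->j])];
}

int pool_reseed(struct stream_pool *p) {  /* load one chunk, rekey the stream */
    uint8_t key[SEED_LEN];
    if (p->seed(key, sizeof key) != 0) return -1;
    for (int k = 0; k < 256; k++) p->s[k] = (uint8_t)k;
    for (int k = 0, j = 0; k < 256; k++) {
        j = (j + p->s[k] + key[k % SEED_LEN]) & 0xff;
        uint8_t t = p->s[k]; p->s[k] = p->s[j]; p->s[j] = t;
    }
    p->i = p->j = 0;
    for (int k = 0; k < 1024; k++) (void)rc4_next(p);  /* drop biased early output */
    p->budget = RESEED_AFTER; p->reseeds++;
    return 0;
}

/* Fill out[]; the kernel pool is touched only when the budget is spent. */
int pool_bytes(struct stream_pool *p, uint8_t *out, size_t len) {
    for (size_t n = 0; n < len; n++) {
        if (p->budget == 0 && pool_reseed(p) != 0) return -1;  /* fail closed */
        out[n] = rc4_next(p); p->budget--;
    }
    return 0;
}
```

Callers that need many small random values (ids, challenges, chaff) draw from the stream, so the kernel pool is read once per `RESEED_AFTER` bytes of output rather than once per request.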