>> /dev/urandom depends on the strength of the crypto primitives.
>> /dev/random does not. All it needs is a good uniform hash.
>
> That's not at all clear. I'll go farther: I think it is unlikely
> to be true.
>
> If you want to think about cryptographic primitives being arbitrarily
> broken, I think there will be scenarios where /dev/random is insecure.
>
> As for what you mean by "good uniform hash", I think you'll need to
> be a bit more precise.
Well, you just pointed me to a very nice paper that *makes* it precise:
Boaz Barak, Ronen Shaltiel, and Eran Tromer. True random number generators
secure in a changing environment. In Workshop on Cryptographic Hardware
and Embedded Systems (CHES), pages 166-180, 2003. LNCS no. 2779.
I haven't worked through all the proofs yet, but it looks to be highly
applicable.
>> Do a bit of reading on the subject of "unicity distance".
>
> Yes, I've read Shannon's original paper on the subject, as well
> as many other treatments.
I hope it's obvious that I didn't mean to patronize *you* with such
a suggestion! Clearly, you're intimately familiar with the concept,
and any discussion can go straight on to more detailed issues.
I just hope you'll grant me that understanding the concept is pretty
fundamental to any meaningful discussion of information-theoretic
security.
> I stand by my comments above.
Cool! So there's a problem to be solved!
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
