On Mon, 26 May 2008, Alejandro Riveira Fernández wrote:

For systems with high resolution timers, even if an attacker has total knowledge/control of the network, it doesn't seem realistically possible for them to determine the low order bits of the nanosecond timer of disk and network I/O system calls, if those were used as a source of entropy.

I think this is a case of the (unrealistic) best being an enemy of the common (and realistic) good.

Another idea that occurred to me: How about using the low order bits of the instruction memory address being executed that was interrupted by the HZ timer interrupt? This also doesn't seem to be something that an external attacker could realistically determine.

And a combination of these approaches would be that much stronger, combined of course with any other available entropy sources.

-Bill
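The proposal above depends on the clock actually having fine resolution. The following is an added example, not part of the original message or of any kernel code: a userspace check that timestamps system calls and bounds how much entropy the low-order timestamp bits could carry. The function names are hypothetical and `getppid()` is an assumed stand-in for the disk and network I/O calls.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* clock_gettime(), CLOCK_MONOTONIC */
#endif
#include <stdint.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

/* Upper bound, in whole bits per sample, on the min-entropy of the low
 * `bits` bits of ts[]: floor(log2(n / count of the most frequent value)).
 * It exposes stuck or biased bits; it cannot prove unpredictability. */
unsigned low_bits_entropy_bound(const uint64_t *ts, size_t n, unsigned bits)
{
    size_t count[256] = {0}, max = 0;
    unsigned credit = 0;
    if (n == 0 || bits == 0 || bits > 8)
        return 0;
    for (size_t i = 0; i < n; i++) {
        size_t c = ++count[ts[i] & ((1u << bits) - 1)];
        if (c > max)
            max = c;
    }
    for (size_t ratio = n / max; ratio > 1; ratio >>= 1)
        credit++;
    return credit < bits ? credit : bits;
}

/* Record a nanosecond timestamp after each of n system calls.
 * Assumption: getppid() stands in for the disk/network I/O calls. */
size_t stamp_syscalls(uint64_t *ts, size_t n)
{
    struct timespec t;
    size_t i;
    for (i = 0; i < n; i++) {
        (void)getppid();
        if (clock_gettime(CLOCK_MONOTONIC, &t) != 0)
            break;
        ts[i] = (uint64_t)t.tv_sec * 1000000000u + (uint64_t)t.tv_nsec;
    }
    return i;
}

int main(void)
{
    static uint64_t ts[4096];
    size_t n = stamp_syscalls(ts, 4096);
    printf("%zu samples, low 4 bits: <= %u bits/sample\n",
           n, low_bits_entropy_bound(ts, n, 4));
    return 0;
}
```

A clock that only advances in coarse steps leaves the low bits constant and yields a bound of 0, so such a source should be credited nothing.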
