[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re-keying Issues Document

To: mcnelson@mindspring.com (Dr. M. C. Nelson)
Subject: Re: Re-keying Issues Document
From: Dan McDonald <danmcd@Eng.Sun.Com>
Date: Thu, 1 Oct 1998 16:47:18 -0700 (PDT)
Cc: ipsec@tis.com
In-Reply-To: <XFMail.981001160639.mcnelson@mindspring.com> from "Dr. M. C. Nelson" at Oct 1, 98 01:53:33 pm
Sender: owner-ipsec@ex.tis.com

Mitch,

These are good points, and provide strong arguments for real HW random number
generators.  One small nit, though...

> For any software key generator, any new key will be predictable
> given a knowledge of the algorithm and its inputs.  An example
> would be,
> 
>     K-new  =  func( seed, T ),
> 
> where T is any information that varies from one invocation to the
> next.  T could be the previous result or a clock, or what-have-you.
> In any case T is also predictable (else we're talking about random
> number hardware).

Is T really predictable?  I ask this because if I frequently rekey based on
the number of bytes I transmit, T will vary based on a human's input.  Human
input is not very predictable.  If T is something along the lines of a
nanosecond timer, the human input differences amplify.

I'm not saying we don't need better randomness.  Maybe I'm arguing that
byte-based lifetimes provide better security, because of the unpredictability
of humans using those bytes.

Dan

Follow-Ups:

Re: Re-keying Issues Document

From: "Dr. M. C. Nelson" <mcnelson@mindspring.com>

Re: Re-keying Issues Document

From: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>

References:

RE: Re-keying Issues Document

From: "Dr. M. C. Nelson" <mcnelson@mindspring.com>

Prev by Date: RE: Re-keying Issues Document
Next by Date: Re: Re-keying Issues Document
Prev by thread: RE: Re-keying Issues Document
Next by thread: Re: Re-keying Issues Document
Index(es):
- Main
- Thread