
You are currently reading a thread in /g/ - Technology

Thread replies: 7
Thread images: 2
So since cryptsetup/LUKS uses /dev/urandom (pseudorandom data) by default, can we agree that this is just not feasible for encrypting data?
>>
It is a good attempt at generating pseudorandom data.
You can't get true randomness in a home PC.
>>
>>55420422
Why haven't you killed yourself
>>
>>55420445
You can get better randomness if the system just recorded from the microphone and webcam as well as network packets surely. Does watching a YouTube video actually help /dev/random?
>>
>>55420422
>That fucking picture.
>>
In typical /g/ fashion, OP is a faggot who has no idea what they're talking about.

If you trust block ciphers and hashes, and obviously you do because you're using them to encrypt and authenticate things, entropy isn't a thing you just magically run out of: you can stretch one good source, say 256 bits, of entropy, into enough randomness until the heat death of the universe with any good CSPRNG.

You can safely collect that entropy, debiased, from any physical process that your particular threat model is unable to measure or influence: be it zener-diode or avalanche shot noise (as found, for example, on the Raspberry Pi's chipset), chaotic inverter pairs (as used in Intel's Bull Mountain), paired oscillators, quantum polarisation noise, keystrokes, mouse movements, hard disk seeks, TSC/XTAL drift, lava lamps, whatever. You should, ideally, not trust any one source to give you adequate randomness, and it might be a good idea to run tests to make sure they aren't obviously bogus first. Some methods of combination are weak to the last source being manipulated by the attacker: some newer ones are not.

There is controversy as to whether you should continuously collect and reseed entropy; if an attacker can observe your state, you're fucked going forward, but if an attacker can observe your state, you're already fucked going forward - if you see what I mean. There are positives and negatives.

The correct random API to use under Linux now is the new getrandom(2) API, which works in the way I just described. /dev/urandom is just as good if you've properly seeded at least once. /dev/random is entirely unnecessary because in it, Theodore Ts'o pretends entropy is a thing that can be accurately estimated and you run out of it: an obsolete viewpoint. They should probably replace the hash and upgrade it a bit, but for now it's still fine.
>>
>>55420685
thanks for the good post friendo