[Cryptech Tech] ubuntu for the win!

Bernd Paysan bernd at net2o.de
Sat Feb 28 22:07:21 UTC 2015

Previous message: [Cryptech Tech] ubuntu for the win!
Next message: [Cryptech Tech] ubuntu for the win!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Samstag, 28. Februar 2015, 16:22:20 schrieb Russ Housley:
> >> fwiw ndn has a polliate server on random.nordu.net fed by a pair of
> >> idquantique optical quantum devices
> >> 
> >>> https://wiki.ubuntu.com/Security/Features#prng-cloud
> > 
> > and gchq has a polliate server ....
> 
> The pages says that it provides a secure way to seed the PRNG.  How?  It
> does not say how the authentication or trust relationships are handled.

If you want quick authenticated trustworthy entropy via TLS, just ask a widely 
used server which has PFS implemented via ECDHE_ECDSA, and uses a known CA for 
signing the certificates (e.g. Google).  The entropy you can extract and trust 
is the ECDSA signature entropy, because if they mess *that* one up, they will 
expose their key.

-- 
Bernd Paysan
"If you want it done right, you have to do it yourself"
http://bernd-paysan.de/
net2o ID: kQusJzA;7*?t=uy at X}1GWr!+0qqp_Cn176t4(dQ*

Previous message: [Cryptech Tech] ubuntu for the win!
Next message: [Cryptech Tech] ubuntu for the win!
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list