[Pki-clean-room-devel] Entropy gathering

Sergey Matveev stargrave at stargrave.org
Sat Oct 7 13:52:27 UTC 2017


*** Daniel Kahn Gillmor <dkg at fifthhorseman.net> [2017-10-07 04:13]:
>As i understand the clean-room project, its goal is the creation,
>storage, management, and use of certification keys.  The three
>cryptographic operations in question here are: [...]
>hopefully this is useful background,

Thank you for the perfect explanation!

So, the clean-room project assumes that GnuPG and all related tools deal
with blocking /dev/random and have a guarantee that if there is not
enough entropy in the system, they will block, collecting it?

I am afraid that an entropy pool could be cheated, for example by
feeding some dummy entropy to it, like I saw in the
https://eferdman.github.io/debian/outreachy/2017/01/03/Debian-4w/
blog post, where (only for development/testing reasons) rngd -r
/dev/urandom is run. There could be not-so-high-quality (for example
biased, like RDRAND) external PRNG sources that give a large amount of
data, quickly satiating the entropy pool. I mean: entropy could be taken
only from the physical world (like thermal noise (RDRAND), interrupts,
clocks and so on) and, as a rule, most of those sources (interrupts, for
example) provide entropy relatively slowly. So, a stateless computer
without any external hardware PRNG sources (like the NeuG you
mentioned) should at least be run for some time. The OS can be tricked
with rngd -r urandom (or booted with a high-entropy preseed file on CD),
but the computer's user knows better what entropy sources exist. At
least the clean room's user should be aware of that and in the simplest
case should wait for (dozens of?) minutes for reliability. The current
project's wiki page says nothing about those issues and, according to
it, I can quickly boot a stateless clean computer and generate keys
after a minute -- it is dangerous.

-- 
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263  6422 AE1A 8109 E498 57EF
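
Added example (not part of the original message and not clean-room
project code): a pre-flight check for the two conditions raised above,
an rngd instance crediting the pool from /dev/urandom and a machine that
has only just booted. The function names, the 600-second uptime
threshold and the sample inputs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check before key generation on a freshly booted,
# stateless machine. The 600 s minimum uptime is an assumed threshold.
MIN_UPTIME_S=${MIN_UPTIME_S:-600}

# has_fake_feeder FILE: FILE holds one command line per line (ps -eo args=).
# Succeeds if rngd is run with /dev/urandom as its "hardware" source, which
# credits the pool with entropy that never came from the physical world.
has_fake_feeder() {
    awk '
        $1 ~ /(^|\/)rngd$/ {
            for (i = 2; i <= NF; i++) {
                if (($i == "-r" || $i == "--rng-device") && $(i + 1) == "/dev/urandom") bad = 1
                if ($i == "-r/dev/urandom" || $i == "--rng-device=/dev/urandom") bad = 1
            }
        }
        END { exit (bad ? 0 : 1) }' "$1"
}

# uptime_ok FILE MIN: FILE is in /proc/uptime format ("seconds idle_seconds").
uptime_ok() {
    up=$(cut -d' ' -f1 "$1")
    [ "${up%.*}" -ge "$2" ]
}

# preflight PSFILE UPTIMEFILE: prints a verdict; returns 0 only if both pass.
preflight() {
    if has_fake_feeder "$1"; then
        echo "REFUSE: rngd is feeding the pool from /dev/urandom"
        return 1
    fi
    if ! uptime_ok "$2" "$MIN_UPTIME_S"; then
        echo "WAIT: uptime below ${MIN_UPTIME_S}s, slow sources have had little time"
        return 2
    fi
    echo "OK: no fake feeder seen, uptime at least ${MIN_UPTIME_S}s"
}

# Constructed sample inputs (not taken from a real system).
demo=$(mktemp -d)
printf '%s\n' '/sbin/init' '/usr/sbin/rngd -r /dev/urandom' > "$demo/ps_fake"
printf '%s\n' '/sbin/init' '/usr/sbin/rngd -r /dev/hwrng' > "$demo/ps_hw"
echo '58.31 101.77' > "$demo/up_fresh"
echo '1843.02 3500.10' > "$demo/up_waited"
preflight "$demo/ps_fake" "$demo/up_waited" || true
preflight "$demo/ps_hw" "$demo/up_fresh" || true
preflight "$demo/ps_hw" "$demo/up_waited"
```

On a live system the inputs would be the output of ps -eo args= saved to
a file, and /proc/uptime itself.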