NetBSD-Users archive


Re: WARNING pseudorandom rekeying



Jean-Yves Migeon <jeanyves.migeon%free.fr@localhost> wrote:

> > And if the attacker can test it remotely, we should be able to
> > test it locally with access to the private key, or am I missing 
> > something?
> 
> I do not understand that part -- what do you mean? Collecting entropy
> information through side channels like TCP ack/seq numbers, SYN cookies,
> ... ?

If the attacker is able to factor a key using knowledge of a skewed PRNG,
then we should be able to do the same in order to test key strength. And
since such a test would run locally, it could have unlimited access to
crypto generated using the private key.


-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu%netbsd.org@localhost

