[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Free Show | Home]

So since cryptsetupp/LUKS uses /dev/urandom (psuedorandom data)

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.
  1. Home
  2. /g/ - Technology
  3. So since cryptsetupp/LUKS uses /dev/urandom (psuedorandom data)
Thread replies: 7
Thread images: 2

Anonymous
2016-07-05 05:59:43 Post No. 55420422
[Report] Image search: [Google]
File: 1465077121646.png (272KB, 601x1016px) Image search: [Google]
1465077121646.png
272KB, 601x1016px
Anonymous 2016-07-05 05:59:43 Post No. 55420422 [Report]
So since cryptsetupp/LUKS uses /dev/urandom (psuedorandom data) by default can we agree that this is just not feasible for encrypting data?
>>
Anonymous 2016-07-05 06:02:43 Post No.55420445
[Report]
Anonymous 2016-07-05 06:02:43 Post No.55420445 [Report]
It is a good attempt at generating pseudo random data.
You can't get true randomness in a home pc.
>>
Anonymous 2016-07-05 06:03:51 Post No.55420452
[Report]
Anonymous 2016-07-05 06:03:51 Post No.55420452 [Report]
>>55420422
Why haven't you killed yourself
>>
Anonymous 2016-07-05 06:05:35 Post No.55420477
[Report]
Anonymous 2016-07-05 06:05:35 Post No.55420477 [Report]
>>55420445
You can get better randomness if the system just recorded from the microphone and webcam as well as network packets surely. Does watching a YouTube video actually help /dev/random?
>>
Anonymous 2016-07-05 06:16:50 Post No.55420586
[Report] Image search: [Google]
Anonymous 2016-07-05 06:16:50 Post No.55420586 [Report]
File: Rieseita 2.gif (993KB, 499x208px) Image search: [Google]
Rieseita 2.gif
993KB, 499x208px
>>55420422
>That fucking picture.
>>
Anonymous 2016-07-05 06:29:41 Post No.55420685
[Report]
Anonymous 2016-07-05 06:29:41 Post No.55420685 [Report]
In typical /g/ fashion, OP is a faggot who has no idea what they're talking about.

If you trust block ciphers and hashes, and obviously you do because you're using them to encrypt and authenticate things, entropy isn't a thing you just magically run out of: you can stretch one good source, say 256 bits, of entropy, into enough randomness until the heat death of the universe with any good CSPRNG.

You can safely collect that entropy, debiased, from any physical process that your particular threat model is unable to measure or influence: be it zener-diode or avalanche shot noise (as found, for example, on the Raspberry Pi's chipset), chaotic inverter pairs (as used in Intel's Bull Mountain), paired oscillators, quantum polarisation noise, keystrokes, mouse movements, hard disk seeks, TSC/XTAL drift, lava lamps, whatever. You should, ideally, not trust any one source to give you adequate randomness, and it might be a good idea to run tests to make sure they aren't obviously bogus first. Some methods of combination are weak to the last source being manipulated by the attacker: some newer ones are not.

There is controversy as to whether you should continuously collect and reseed entropy; if an attacker can observe your state, you're fucked going forward, but if an attacker can observe your state, you're already fucked going forward - if you see what I mean. There are positives and negatives.

The correct random API to use under Linux now, is the new getrandom(2) API which works in the way I just described. /dev/urandom is just as good if you've properly seeded at least once. /dev/random is entirely unnecessary because in it, Theodore T'so pretends entropy is a thing that can be accurately estimated and you run out of it: an obsolete viewpoint. They should probably replace the hash and upgrade it a bit, but for now it's still fine.
>>
Anonymous 2016-07-05 07:00:52 Post No.55420960
[Report]
Anonymous 2016-07-05 07:00:52 Post No.55420960 [Report]
>>55420685
thanks for the good post friendo
Thread posts: 7
Thread images: 2
[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]

I'm aware that Imgur.com will stop allowing adult images since 15th of May. I'm taking actions to backup as much data as possible.
Read more on this topic here - https://archived.moe/talk/thread/1694/


If you need a post removed click on it's [Report] button and follow the instruction.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com.
If you like this website please support us by donating with Bitcoins at 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
All trademarks and copyrights on this page are owned by their respective parties.
Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site.
This means that RandomArchive shows their content, archived.
If you need information for a Poster - contact them.