Re: svn commit: r239569 - head/etc/rc.d
Doug Barton <dougb@FreeBSD.org> writes:
> 3. Write a script to reboot, and once the system is fully booted do 'dd
> if=3D/dev/random of=3Dsaved-random-out.$i count=3D4096' then reboot again
> immediately. Values of i from 1 to 10,000 ought to do it.
> 4. sha256 the saved-random-out files and see how many duplicates there ar=
e.
I doubt there will be any exact duplicates, but closer statistical
analysis might reveal a slight bias. For instance, if my intuition
serves, the Hamming distance between any pair of samples, when averaged
over a large number of samples, should be half the sample length. I'm
sure a professional statistician or cryptanalyst could come up with more
accurate ways of detecting bias.
The script in question, by the way, could simply be a few extra lines at
the end of /etc/rc.d/initrandom; and I'd do it in a VM, to reduce cycle
time to a minimum.
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 49 之 145 篇):