Re: [tinydtls-dev] Secure Random Number Generator ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [tinydtls-dev] Secure Random Number Generator ?

From: Olaf Bergmann <bergmann@xxxxxxx>
Date: Wed, 11 May 2016 14:41:49 +0200
Delivered-to: tinydtls-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/tinydtls-dev>
List-help: <mailto:tinydtls-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/tinydtls-dev>, <mailto:tinydtls-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/tinydtls-dev>, <mailto:tinydtls-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Raul Fuentes <ra.fuentess.sam+tinyDTLS@xxxxxxxxx> writes:

> Another thing that will impact with the PRNG and tinydtls is the
> starting time. For motes and Linux's implementation, they are
> beginning with EPOCH 0 (January 1th, 1970 00:00:00.0). This mean that
> the cookies generated by TinyDTLS are, probably, vulnerable to
> repetition attacks. 

Actually, the random seed should not depend on the system time at
all. Usually, you would try to get some entropy from the radio interface
or similar. There also has been a discussion on the PRNG initializer
some time ago, cf. [1].

[1] https://sourceforge.net/p/tinydtls/tickets/32/

Grüße
Olaf

References:
- [tinydtls-dev] Secure Random Number Generator ?
  - From: Frank Gerlach
- Re: [tinydtls-dev] Secure Random Number Generator ?
  - From: Raul Fuentes

Prev by Date: Re: [tinydtls-dev] Secure Random Number Generator ?
Next by Date: Re: [tinydtls-dev] Secure Random Number Generator ?
Previous by thread: Re: [tinydtls-dev] Secure Random Number Generator ?
Next by thread: Re: [tinydtls-dev] Secure Random Number Generator ?
Index(es):
- Date
- Thread

Breadcrumbs