W3C home > Mailing lists > Public > ietf-tls@w3.org > April to June 1996

Re: Merged Transport Layer Protocol Development

From: David Wagner <daw@cs.berkeley.edu>
Date: 24 Apr 1996 19:02:02 -0700
To: ietf-tls@w3.org
Message-Id: <4lmmeq$fq@joseph.cs.berkeley.edu>
In article <199604242216.PAA07915@work.ucsd.edu>,
Bennet Yee  <bsy@cs.ucsd.edu> wrote:
> In message <c=US%a=_%p=msft%l=RED-92-MSG-960424195112Z-26742@tide21.microsoft.c
> om>, Dan Simon writes:
> > UNIX time was not removed so that challenges would be more random, but
> > rather to preserve available randomness resources.  UNIX time on a
> > machine may reasonably be expected to contain, say, 3 bits of entropy,
> > if not sampled too often.
> 
> All modern Unix systems provide the time on the daytime port [...]
> Furthermore, many machines use the Network Time Protocol [...]

Good points, all of them.

As Ian Goldberg & I have pointed out, there are still more ways the time
can leak.  For instance, Message-IDs often contain the time of day.  (And
you can usually force a targeted Unix machine to send you a Message-ID by
sending it a message which will bounce.)

This is pointed out in e.g.
	http://www.ddj.com/ddj/1996/1996.01/wagner.htm

I think the clock skew between you & a target machine is not too hard to
recover very accurately.  I think it's dangerous to rely on there being
any significant entropy in the time of day.

Just my (conservative & paranoid) opinion,
-- Dave Wagner
Received on Wednesday, 24 April 1996 22:02:13 EDT

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:48 EDT