- From: David Wagner <daw@cs.berkeley.edu>
- Date: 24 Apr 1996 19:02:02 -0700
- To: ietf-tls@w3.org
In article <199604242216.PAA07915@work.ucsd.edu>, Bennet Yee <bsy@cs.ucsd.edu> wrote: > In message <c=US%a=_%p=msft%l=RED-92-MSG-960424195112Z-26742@tide21.microsoft.c > om>, Dan Simon writes: > > UNIX time was not removed so that challenges would be more random, but > > rather to preserve available randomness resources. UNIX time on a > > machine may reasonably be expected to contain, say, 3 bits of entropy, > > if not sampled too often. > > All modern Unix systems provide the time on the daytime port [...] > Furthermore, many machines use the Network Time Protocol [...] Good points, all of them. As Ian Goldberg & I have pointed out, there are still more ways the time can leak. For instance, Message-IDs often contain the time of day. (And you can usually force a targeted Unix machine to send you a Message-ID by sending it a message which will bounce.) This is pointed out in e.g. http://www.ddj.com/ddj/1996/1996.01/wagner.htm I think the clock skew between you & a target machine is not too hard to recover very accurately. I think it's dangerous to rely on there being any significant entropy in the time of day. Just my (conservative & paranoid) opinion, -- Dave Wagner
Received on Wednesday, 24 April 1996 22:02:13 UTC