[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GRUB and network (was Re: GRUB and Google Summer of Code)

From: Isaac Dupree
Subject: Re: GRUB and network (was Re: GRUB and Google Summer of Code)
Date: Thu, 01 Apr 2010 20:12:09 -0400
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20100330 Shredder/3.0.4

On 04/01/10 16:59, Vladimir 'φ-coder/phcoder' Serbinenko wrote:
There is already some crypto imported for password support so adding
enough to have SSL would hopefully not be too difficult.

Not true. Although we have ciphers and hashes we don't have either
asymetric algorithms or random generator. The first is easy to import
but generating random numbers involves gathering entropy which is
cornerstone of network cryptography. Without a good random number
generator most SSL algorithms will only make the user happier without
adding any security against attacker.

Is it reasonable to generate some random data during grub-install, and write it to the disk, where GRUB will then use it? Maybe in combination with real-time clock, this can be good enough initial entropy? (But I have not consulted with security research--this is just a guess.)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]