> At the last place at which I worked, a few years ago, a "random > number" was generated, and used in a FIPS 140-1 compliant > encryption device, by capturing 128 ethernet frames in sequence > from the local in-house network, gathering the LSB from the > arrival time of each frame, and using those values to generate > an encryption key. This was part of the "activation sequence" > which had to be done, once, on each such device. > > Any studies out there on the randomness of such a number? > At first glance a non-deterministic network would seem to be > able to generate a useful number for the key. It doesn't look like a good source of entropy. At least it wouldn't withstand an active attack during this activation phase. > - Bob Foxworth, GSEC, CISSP Thomas Biege -- Tom <tom@xxxxxxxxxxxxxxxxxx> fingerprint = F055 43E5 1F3C 4F4F 9182 CD59 DBC6 111A 8516 8DBF
