On 2013-04-24 14:01:29 -0500, Derek Martin wrote:
> On Wed, Apr 24, 2013 at 03:37:37AM +0200, Vincent Lefevre wrote:
> > On 2013-04-23 20:06:10 -0500, Derek Martin wrote:
> > > Using the message store or any part of the message store is not a
> > > workable solution.  
> > 
> > I disagree. 
> 
> The security experts all agree on this...

Do you have any source?

> > The entropy is typically created from untrusted data.
> 
> Only indirectly,

Ditto here.

> > Note that message headers generally contain random data from different
> > machines; 
> 
> It's NOT random.  It's very predictable, if you're familiar with the
> receiver's site.

It is random and not predictable. For instance:

  Received: from ioooi.vinc17.net (ioooi.vinc17.net [92.243.22.117])
          by xvii.vinc17.org (Postfix) with ESMTP id 66D0D40C037
                                                     ^^^^^^^^^^^

This part is typically random (partly).

> And if you (the attacker) are AT the receiver's site (i.e. you're
> another user on the public server they're using to get their mail),
> all you need to do to get an EXACT COPY of the message is to CC
> yourself.

Some headers will be different.

> You MUST NOT use the message as a source of randomness.

Wrong. It is perfectly fine, in particular if you combine it with
other sources of randomness (none of them being perfect). Ignoring a
source that can be hard or impossible to predict is just silly.

And I recall that if the message is not from the attacker, it is
practically impossible for the attacker to guess what it is.

-- 
Vincent Lefèvre <[email protected]> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
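
The two cases argued over in this thread, as an added example that is not part of the original messages or of any project's code: a value derived from message headers alone is reproducible by anyone who holds the same bytes, while the same headers hashed together with OS randomness are not. SHA-256 as the mixing function and the names `mix`, `token_from_message_only` and `token_mixed` are assumptions made for illustration; the sample header is the one quoted above.

```python
import hashlib
import os

# Constructed sample input: the Received header quoted in the message above.
SAMPLE_HEADERS = (
    b"Received: from ioooi.vinc17.net (ioooi.vinc17.net [92.243.22.117])\n"
    b"          by xvii.vinc17.org (Postfix) with ESMTP id 66D0D40C037\n"
)


def _frame(chunk: bytes) -> bytes:
    # Length-prefix each input so that (b"ab", b"c") and (b"a", b"bc")
    # cannot collapse into the same hash input.
    return len(chunk).to_bytes(8, "big") + chunk


def mix(sources) -> bytes:
    """Hash every source into one 32-byte value (hypothetical helper)."""
    h = hashlib.sha256()
    for chunk in sources:
        h.update(_frame(chunk))
    return h.digest()


def token_from_message_only(headers: bytes) -> bytes:
    # Deterministic: a party holding an exact copy of the headers
    # derives exactly the same value.
    return mix([headers])


def token_mixed(headers: bytes, os_random: bytes = None) -> bytes:
    # The unpredictability comes from os.urandom(); the headers are
    # an additional input and knowing them does not reveal the output.
    if os_random is None:
        os_random = os.urandom(32)
    return mix([os_random, headers])


if __name__ == "__main__":
    print("message only:", token_from_message_only(SAMPLE_HEADERS).hex())
    print("mixed, run 1:", token_mixed(SAMPLE_HEADERS).hex())
    print("mixed, run 2:", token_mixed(SAMPLE_HEADERS).hex())
```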
