Re: [dsfjdssdfsd] what not to do...

travis+ml-dsfjdssdfsd@subspacefield.org Wed, 02 April 2014 18:32 UTC

Return-Path: <travis+ml-dsfjdssdfsd@subspacefield.org>
X-Original-To: dsfjdssdfsd@ietfa.amsl.com
Delivered-To: dsfjdssdfsd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB4BB1A0368 for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 2 Apr 2014 11:32:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.81
X-Spam-Level:
X-Spam-Status: No, score=-0.81 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FROM_LOCAL_NOVOWEL=0.5, J_CHICKENPOX_21=0.6, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bHGT4y0wyGax for <dsfjdssdfsd@ietfa.amsl.com>; Wed, 2 Apr 2014 11:32:19 -0700 (PDT)
Received: from nexus.subspacefield.org (nexus.subspacefield.org [64.156.192.208]) by ietfa.amsl.com (Postfix) with ESMTP id C73811A0374 for <dsfjdssdfsd@ietf.org>; Wed, 2 Apr 2014 11:32:19 -0700 (PDT)
Received: by nexus.subspacefield.org (Postfix, from userid 1001) id 1878C3F756; Wed, 2 Apr 2014 11:32:16 -0700 (PDT)
Date: Wed, 2 Apr 2014 11:32:16 -0700
From: travis+ml-dsfjdssdfsd@subspacefield.org
To: Theodore Ts'o <tytso@mit.edu>
Message-ID: <20140402183216.GH276@subspacefield.org>
Mail-Followup-To: Theodore Ts'o <tytso@mit.edu>, Paul Hoffman <paul.hoffman@vpnc.org>, "dsfjdssdfsd@ietf.org" <dsfjdssdfsd@ietf.org>
References: <533AF317.5070901@cs.tcd.ie> <CACXcFm=ts6JWuW+pQtaqZ720QDxnEa22UZW2NiBYMgCCV7MPuw@mail.gmail.com> <CAF4+nEF8N5C7zmGh5TBnp29zP1Fi2PMzoU4x4EEH8hY82PnS0w@mail.gmail.com> <20140402163354.GG6901@thunk.org> <2804DA89-211B-4876-A773-A17D6AE8463F@vpnc.org> <20140402173426.GI6901@thunk.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="kHRd/tpU31Zn62xO"
Content-Disposition: inline
In-Reply-To: <20140402173426.GI6901@thunk.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/dsfjdssdfsd/VQbdAULtoEpLQtkVhXgBI6TMIrU
Cc: "dsfjdssdfsd@ietf.org" <dsfjdssdfsd@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [dsfjdssdfsd] what not to do...
X-BeenThere: dsfjdssdfsd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The dsfjdssdfsd list provides a venue for discussion of randomness in IETF protocols, for example related to updating RFC 4086." <dsfjdssdfsd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dsfjdssdfsd/>
List-Post: <mailto:dsfjdssdfsd@ietf.org>
List-Help: <mailto:dsfjdssdfsd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dsfjdssdfsd>, <mailto:dsfjdssdfsd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Apr 2014 18:32:24 -0000

On Wed, Apr 02, 2014 at 01:34:26PM -0400, Theodore Ts'o wrote:
> One of the problems is that there is a lot of nuance which is
> required.  For example, if you can't change the hardware, on a mobile
> device, one of the few sources of unpredictability might be the radio
> strength --- if you grab this in early boot and if you know that the
> values aren't being fed via centralized logging scheme.  It's not
> really _entropy_ per se, but if you are assuming that someone sitting
> in Fort Meade won't know whether your cell phone is in your knapsack
> under the steel desk, or on top of the desk, it probably does add a
> certain amount of protection.
> 
> Ditto grabbing touch screen information; sure, if someone has a camera
> surveilling you, it might not have much unpredictabiliy, but it's
> still probably a good thing to mix into your entropy pool.
> 
> And if we try to tell people that if you can't do anything at all
> which is True Entropy (tm), you might as well go home, then people
> might just do that.

In the movie "The Sting", horse race results are delayed to allow
betting-after-the-fact; this demonstrates that with the knowledge you
have after its disclosure, unpredictability no longer exists.

So philosophically, all unpredictability is measured relative to some
knowledge set.

As a pragmatic exercise we can measure an upper bound on entropy
(using min-entropy) based on what we assume are standard assumptions,
but we don't know what we don't know.

Which is an interesting parallel to computational security assurances.

http://www.subspacefield.org/security/security_concepts/index.html#toc-Section-29

BTW, hello Paul, nice list :-)
-- 
http://www.subspacefield.org/~travis/
Remediating... LIKE A BOSS