Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
pronoiac
on March 29, 2022
|
parent
|
context
|
favorite
| on:
Problems emerge for a unified /dev/*random
Sending an ssl/tls request
also
requires some entropy! It's needed to avoid MITM and replay attacks.
A bit more info:
https://security.stackexchange.com/questions/157684/why-does...
simulate-me
on March 29, 2022
[–]
It doesn't need to be encrypted, just signed by the entropy source. The signature should be verifiable without entropy.
Hello71
on March 29, 2022
|
parent
|
next
[–]
How does that prevent replay attacks?
simulate-me
on March 30, 2022
|
root
|
parent
|
next
[–]
Hmm good point. I guess you need entropy for a nonce.
paulclinger
on March 30, 2022
|
root
|
parent
|
prev
|
next
[–]
Maybe include and sign a timestamp?
pronoiac
on March 29, 2022
|
parent
|
prev
[–]
Sorta nice, but that wouldn't avoid replay issues.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
A bit more info: https://security.stackexchange.com/questions/157684/why-does...