> The whole premise of entropy depletion is that cryptography does not work (the CSRNG does not prevent the leak),...
Nice post but had to stop there. I don't get why some cryptologists don't grasp redundancy. In systems design this is a very sane assumption, in other words: the premise is not that "cryptography does not work" but rather "one piece of a cryptography system may have been broken or weakened".
You don't tell a system engineer "The whole premise of HA is that servers fail", right? Are elementary components of a crypto system expected to be unbreakable or uncompromisable? I mean, to me this makes me want to ask the writer of this post: I thought security of a CSRNG is estimated to be infeasible to crack based on existing computational resources (brute force) and existing research to break and weaken the RNG? If so, how is it improbable enough for a bug or backdoor to exist in the CSRNG, or for some algorithmic breakthrough with PQC?
In my opinion, it is entirely possible (as history has proven) for elementary components of a crypto system to be weakened, and a general purpose OS should presume some level of redundancy where possible. I mean, most users should not be concerned about such rare attacks (except maybe they should, given how billions of devices depend on Linux's RNG and there are many extremely resourced attackers that would be interested in dragnet attacks), but you have to also keep in mind there are people who are of high enough value that they will be targeted individually. And I can envision not just the NSA and other spy agencies but plenty of private organizations and exploit brokers that will capitalize big time on the discovery of CSRNG flaws that are not reported for a bug fix or publicized.
I think urandom is fine for most cases, but in rare situations like PGP keys, TLS certs, disk encryption keys, etc., the paranoia of /dev/random might come in handy, at least for a handful of people somewhere.
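The redundancy argument in the comment above, as an added example (not the commenter's code and not from the post being discussed): a key derived from several independent entropy sources stays unpredictable as long as any one of them is sound, so a single weakened or backdoored source does not by itself decide the key. The source list and the `backdoored_reader` stand-in are constructed for illustration.

```python
import hashlib
import os
import time
from typing import Callable, List

# Added example, not from the original post or comment.
# A "source" is any callable returning some bytes of (claimed) randomness.
Source = Callable[[], bytes]


def combine_sources(samples: List[bytes]) -> bytes:
    """Mix independently gathered samples into one 32-byte secret.

    Each sample is length-prefixed before hashing so that different splits
    of the same bytes cannot collide. Because SHA-256 is one-way, an attacker
    who controls or fully knows some samples still cannot predict the output
    unless every remaining sample is also known to them.
    """
    h = hashlib.sha256()
    for sample in samples:
        h.update(len(sample).to_bytes(4, "big"))  # unambiguous boundary
        h.update(sample)
    return h.digest()


def derive_key(sources: List[Source]) -> bytes:
    """Pull one sample from every source, then mix them (see combine_sources)."""
    return combine_sources([read() for read in sources])


def jitter_source(rounds: int = 64) -> bytes:
    """Weak, platform-dependent timing noise; only ever an *extra* input."""
    ticks = [time.perf_counter_ns() & 0xFF for _ in range(rounds)]
    return bytes(ticks)


def backdoored_reader() -> bytes:
    """Constructed stand-in for a compromised CSRNG: output fully known."""
    return b"\x00" * 32


# Default sources on a Linux/BSD host: the kernel CSRNG (os.urandom) plus
# timing jitter. The constructed backdoored_reader is included on purpose to
# show that it cannot, on its own, make the derived key predictable.
DEFAULT_SOURCES: List[Source] = [
    lambda: os.urandom(32),
    jitter_source,
    backdoored_reader,
]

if __name__ == "__main__":
    print(derive_key(DEFAULT_SOURCES).hex())
```

This is a mixing construction, not a substitute for a sound kernel CSRNG: if every source available on a host is weak, the mix is weak too.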