To paraphrase how I see things going so far, plus one:
1. tptacek: "It's hard to imagine how Cloudflare's lava-lamps could ever make the cryptography worse."
2. Terr_: "Well, technically it could make it worse, if 'hey look we're using a cool lava-lamp wall' comes at the expense of opportunities to insert higher-quality entropy from some other source."
3. tptacek: "It doesn't matter because they can just add it to everything else."
4. Terr_: "I didn't say adding, I said substituting."
5. tptacek: "A CSPRNG algorithm always lets you add more passes and bits. You don't have to make that choice."
6. Terr_: "But Cloudflare does have to make that choice because sensors and computers and CPU-cycles and budgets are all limited! Those constraints are the entire reason we're even using a CSPRNG in the first place."
I'm sorry, I've lost track of what you're trying to argue. The point is that in practice, any sane design is just going to hash "lava lamp" information in with all the other low-quality entropy inputs that drive the LRNG. I wasn't making a subtle or complicated point here.
I'm not making a subtle or complicated point either. I think the start of it is that we had different ideas of what "worse" was being compared to.
You're saying "It's hard to tell a story where the wall is making things worse [compared to replacing it with nothing]." If the initially-unspoken bracketed condition is added, then yes, I agree with you.
My response was: "There might be a story where the wall is making things worse, compared to other things."
The entire premise of modern CSPRNGs is that you feed into them whatever entropy sources you have, wherever it's from, the more the better.
The point of disagreement here, about whether or not it's possible that they'd be choosing to use the lava lamps to the exclusion of some better source, doesn't make any sense against that framing.
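The "hash it in with everything else" design the two comments above describe, as an added example that is not part of this thread and not Cloudflare's own code: a hash-based extractor folds every source into one seed, and a small attacker model shows why an added low-quality input cannot make the seed more guessable while a substituted one can. The 4-bit "lava" source, the 256-bit hardware RNG and the 2**20-hash attacker budget are constructed assumptions for illustration.

```python
import hashlib
import itertools
import secrets


def encode(value, bits):
    """Fixed-width big-endian encoding of an integer drawn from a 2**bits space."""
    return value.to_bytes((bits + 7) // 8, "big")


def mix_sources(sources):
    """Fold every entropy input into one seed with a hash-based extractor.

    Names and values are length-prefixed so distinct input sets cannot
    collide by concatenation ({"a": b"bc"} vs {"ab": b"c"}).  Mixing in an
    input the attacker already knows cannot reduce the seed's
    unpredictability: the seed is still a function of every input that
    remains unknown to him.
    """
    h = hashlib.sha256()
    for name in sorted(sources):
        data = sources[name]
        h.update(len(name).to_bytes(2, "big") + name.encode())
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()


def recover_seed(seed, known, unknown_bits, max_work_bits=20):
    """Attacker model (constructed for this example).

    `known` maps source names to values the attacker has; `unknown_bits`
    maps the remaining sources to the size in bits of the space he must
    search.  Returns the recovered inputs, or None when the search would
    exceed 2**max_work_bits hashes (an assumed budget) or no combination
    reproduces the seed.
    """
    if sum(unknown_bits.values()) > max_work_bits:
        return None  # e.g. 256 unknown bits from a hardware RNG: infeasible
    names = sorted(unknown_bits)
    spaces = [range(1 << unknown_bits[n]) for n in names]
    for combo in itertools.product(*spaces):
        guess = dict(known)
        guess.update({n: encode(v, unknown_bits[n]) for n, v in zip(names, combo)})
        if mix_sources(guess) == seed:
            return guess
    return None


if __name__ == "__main__":
    # Constructed inputs: a 256-bit hardware RNG output and a stand-in
    # "lava lamp" frame reduced to 4 bits of entropy (assumed worst case).
    hw_rng = secrets.token_bytes(32)
    lava = encode(secrets.randbelow(16), 4)

    # Adding: the weak source is mixed in alongside the strong one.
    seed_added = mix_sources({"hw_rng": hw_rng, "lava": lava})
    print("adding, hw_rng unknown:",
          recover_seed(seed_added, {}, {"hw_rng": 256, "lava": 4}))

    # Substituting: the weak source replaces the strong one.
    seed_sub = mix_sources({"lava": lava})
    print("substituting:", recover_seed(seed_sub, {}, {"lava": 4}))
```

The first call returns None because 260 unknown bits are out of reach; the second recovers the lava value after at most 16 hashes. The same extractor also shows the other half of the argument: if the attacker already knows the hardware RNG output, the 4-bit lava input is all that protects the seed and it falls immediately, which is exactly why a weak source is only ever added, never relied on.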
The issue is that your “compared to other things” essentially requires CloudFlare to be incompetent, which, sure, could be a thing. But then there are bigger problems.
None of your concerns hold up to scrutiny. Using lava lamps instead of better sources of entropy implies incompetence. CloudFlare is also not so resource limited that they can’t dump the lava lamp entropy in with the rest of their entropy sources. Or else, again, incompetence.
Neither of your constructions is secure.