From owner-freebsd-arch  Wed Oct 25  3:17:41 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from warning.follo.net (warning.follo.net [195.204.136.30])
	by hub.freebsd.org (Postfix) with ESMTP id 4EB6037B479
	for <arch@FreeBSD.org>; Wed, 25 Oct 2000 03:17:37 -0700 (PDT)
Received: (from eivind@localhost)
	by warning.follo.net (8.9.3/8.9.3) id MAA11658;
	Wed, 25 Oct 2000 12:15:26 +0200 (CEST)
Date: Wed, 25 Oct 2000 12:15:26 +0200
From: Eivind Eklund <eivind@FreeBSD.org>
To: Kris Kennaway <kris@citusc.usc.edu>
Cc: Warner Losh <imp@village.org>, Mark Murray <mark@grondar.za>,
	arch@FreeBSD.org
Subject: Re: cvs commit: src/etc rc
Message-ID: <20001025121526.A11476@warning.follo.net>
References: <200010232046.e9NKkLR01463@grimreaper.grondar.za> <20001023081548.A41843@bsdwins.com> <200010232046.e9NKkLR01463@grimreaper.grondar.za> <200010232321.RAA11268@harmony.village.org> <20001024124057.A4309@skriver.dk> <200010241256.GAA15067@harmony.village.org> <20001024162445.A58246@warning.follo.net> <20001024083111.D58506@citusc17.usc.edu> <20001024182319.C37278@warning.follo.net> <20001024184925.B59218@citusc17.usc.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.4i
In-Reply-To: <20001024184925.B59218@citusc17.usc.edu>; from kris@citusc.usc.edu on Tue, Oct 24, 2000 at 06:49:25PM -0700
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, Oct 24, 2000 at 06:49:25PM -0700, Kris Kennaway wrote:
> On Tue, Oct 24, 2000 at 06:23:19PM +0200, Eivind Eklund wrote:
> > On Tue, Oct 24, 2000 at 08:31:11AM -0700, Kris Kennaway wrote:
> > > On Tue, Oct 24, 2000 at 04:24:45PM +0200, Eivind Eklund wrote:
> > > > Can't we just crypt the data with a strong cipher (or, preferably, two or
> > > > three strong ciphers) and a key aquired by using random data from Yarrow
> > > > before writing it out?  That would not expose state, assuming we trust the
> > > 
> > > How would you know the key when you want to read it back in after the
> > > next reboot?
> > 
> > You don't know the key.   This is *entropy* - you don't need to recover it
> > exactly :-)
> 
> This doesnt buy you anything, since the Yarrow algorithm already does this.

I was responding to a mail from Warner regarding writing out the internal
state of Yarrow (rather than some Yarrow output).  I agree that writing out
Yarrow output is a better solution, so please disregard the suggestion.

Eivind.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message