Date:      Tue, 11 Sep 2012 14:04:42 -0700
From:      Xin Li <delphij@delphij.net>
To:        obrien@freebsd.org
Cc:        Arthur Mesh <arthurmesh@gmail.com>, Doug Barton <dougb@FreeBSD.org>, freebsd-rc@freebsd.org, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, Dag-Erling Smørgrav <des@des.no>
Subject:   Re: svn commit: r239569 - head/etc/rc.d
Message-ID:  <504FA76A.5000209@delphij.net>
In-Reply-To: <20120911200925.GA88456@dragon.NUXI.org>
References:  <50453686.9090100@FreeBSD.org> <20120904220754.GA3643@server.rulingia.com> <20120906174247.GB13179@dragon.NUXI.org> <20120906230157.5307a21f@gumby.homeunix.com> <20120906224703.GD89120@x96.org> <50493480.8060307@FreeBSD.org> <20120911061530.GA77399@dragon.NUXI.org> <504EDC67.9070700@FreeBSD.org> <86sjao7q8c.fsf@ds4.des.no> <20120911205302.27484fd6@gumby.homeunix.com> <20120911200925.GA88456@dragon.NUXI.org>

On 09/11/12 13:09, David O'Brien wrote:
> On Tue, Sep 11, 2012 at 08:53:02PM +0100, RW wrote:
>> On Tue, 11 Sep 2012 13:28:51 +0200 Dag-Erling Smørgrav wrote:
>>> so none of it is discarded.  My gut feeling is that compression
>>> is better than hashing for that purpose,
>> 
>> It's analogous to a passphrase, have you ever heard of a 
>> passphrase being compressed rather than hashed?
>> 
>> The only good reason for compression is if compression+hashing
>> is faster than hashing, and that sounds unlikely.
> 
> Good to see someone have thoughts on this. I've only seen it stated
> that entropy passes thru mostly "untouched" thru a cryptographic
> hash in the literature.  I haven't seen anything mentioned about
> entropy thru a compression algorithm other than as an estimation of
> entropy.

I believe the cryptographic hash is used here to utilize the
"Avalanche Effect", so that one bit's worth of change would result in
a big difference in the final output.  Note that just hashing does
not increase the possible states of the RNG, though: let's say we
have only 256 possible inputs, we get only 256 possible output series
regardless of how many bits there are in the hash output (assuming
the output is wider than 8 bits).

So if I were to implement the low-grade part, I'd remove the variable
names from the sysctl output at minimum.  This gives more entropy
regardless of whether we use compression or not.

>> You all seem to be making very heavy weather of this - all that's
>> needed is to pass the low-grade stuff through a hash of your
>> choice and then follow that with the entropy file to fill-up the
>> remaining 4k.
> 
> Or fill-up the 4k buffers with high-quality entropy, and add in
> the low-grade stuff if there is room.

Cheers,
--
Xin LI <delphij@delphij.net>    https://www.delphij.net/
FreeBSD - The Power to Serve!           Live free or die
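
Added example (not part of the original message and not FreeBSD's rc.d code): Python that measures the avalanche effect, shows that 256 possible inputs give only 256 reachable digests, strips sysctl variable names, and builds a 4k buffer as "hash of the low-grade data, then the entropy file". SHA-256, the function names and the sample sysctl values are assumptions made for illustration.

```python
import hashlib
import os

# Constructed sample of `sysctl` output ("name: value" lines); values are made up.
SAMPLE = (
    "kern.boottime: { sec = 1347397482, usec = 123456 }\n"
    "vm.stats.vm.v_free_count: 48213\n"
    "kern.cp_time: 1024 3 877 91 55021\n"
)

def avalanche(data: bytes, bit: int = 0) -> int:
    """Flip one input bit; return how many of the 256 SHA-256 output bits change."""
    flipped = bytearray(data)
    flipped[bit // 8] ^= 1 << (bit % 8)
    a = hashlib.sha256(data).digest()
    b = hashlib.sha256(bytes(flipped)).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def reachable_outputs(inputs) -> int:
    """Count distinct digests; it can never exceed the number of possible inputs."""
    return len({hashlib.sha256(i).digest() for i in inputs})

def recover_input(digest: bytes, inputs):
    """Enumerate a small input space to find which input produced `digest`."""
    return next((i for i in inputs if hashlib.sha256(i).digest() == digest), None)

def strip_names(text: str) -> bytes:
    """Drop the fixed variable names, keeping only the values that vary."""
    return "\n".join(l.partition(": ")[2] for l in text.splitlines()).encode()

def build_seed(low_grade: bytes, entropy_file: bytes, size: int = 4096) -> bytes:
    """Hash the low-grade data, then fill the rest of the buffer from the entropy file."""
    return (hashlib.sha256(low_grade).digest() + entropy_file)[:size]

if __name__ == "__main__":
    one_byte = [bytes([i]) for i in range(256)]  # an input with only 8 bits of state
    print("bits changed by a 1-bit flip:", avalanche(SAMPLE.encode()))
    print("distinct 256-bit digests from 256 inputs:", reachable_outputs(one_byte))
    print("recovered:", recover_input(hashlib.sha256(b"\x2a").digest(), one_byte))
    print("bytes with/without names:", len(SAMPLE), len(strip_names(SAMPLE)))
    print("seed length:", len(build_seed(strip_names(SAMPLE), os.urandom(4096))))
```

A one-bit flip changes roughly half of the 256 output bits, yet the digest of a one-byte input is still found by trying 256 candidates.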