Date: Mon, 24 Jul 2000 14:42:34 -0700 (PDT)
From: Kris Kennaway
To: "Jeroen C. van Gelderen"
Cc: Mark Murray, current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
In-Reply-To: <397C9DF2.18CBB7B3@vangelderen.org>
Message-ID:

On Mon, 24 Jul 2000, Jeroen C. van Gelderen wrote:

> 1. The overhead will probably be insignificant. One doesn't
> use such vast amounts of random numbers.

True, but the effect on slow CPUs for a single read may be significant.
We'll have to see.

> 2. At least the generator gate can be optimized out if it
> turns out to be a problem.

Yes.

> 3. We could use a cipher with better key agility (CAST)
> to make each operation less computationally intensive.

Yes.

> > ITYM Pg = k 2^(-k/3)
> > though - you want a maximum k bits of output, not 1.
>
> Pg is the number of blocks IIRC.

Pg is the number of (n=64)-bit blocks between generator gates, but
min(2^n, 2^(k/3) Pg) is the maximum number of output bits you'll get
before the thing shuts up and waits for a reseed. So Pg < 1 means we'll
take a generator gate after every output block, but will still output
our 2^(k/3) Pg = k bits (i.e. 4 blocks worth).

In practice we'd probably have to just special-case this since the
required Pg is approximately 10^-24 :-)

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe
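The output-cap and gating accounting described in Kris's reply, modelled as an added Python example (not code from this thread or from FreeBSD's randomdev). It uses the email's symbols n (block size), k (key size) and Pg; the "gate whenever Pg blocks have been output since the last gate" counter is an assumption about how that schedule would be applied, not a description of the real implementation.

```python
from math import ceil


def max_output_bits(n, k, pg):
    """Bits obtainable before the generator stops and waits for a reseed:
    min(2^n, 2^(k/3) * Pg), as stated in the email."""
    return min(2 ** n, 2 ** (k / 3) * pg)


def required_pg(k):
    """Pg that makes 2^(k/3) * Pg equal exactly k bits (Pg = k * 2^(-k/3)).
    For k = 256 this is on the order of 10^-24, the value Kris quotes."""
    return k * 2 ** (-k / 3)


def simulate(n, k, pg, blocks_requested):
    """Model the schedule: emit n-bit blocks, take a generator gate once Pg
    blocks have been output since the last gate (Pg < 1 means after every
    block), and refuse output once the cap is reached until a reseed."""
    cap_bits = max_output_bits(n, k, pg)
    emitted = 0
    gates = 0
    since_gate = 0.0
    while emitted < blocks_requested:
        if (emitted + 1) * n > cap_bits:
            # Cap hit: the generator "shuts up and waits for a reseed".
            return {"blocks": emitted, "gates": gates, "reseed_needed": True}
        emitted += 1
        since_gate += 1
        if since_gate >= pg:
            gates += 1
            since_gate = 0.0
    return {"blocks": emitted, "gates": gates, "reseed_needed": False}


if __name__ == "__main__":
    # Constructed parameters: n = 64, k = 256, Pg tiny enough that the cap
    # is a few hundred bits, so only about k bits (4 blocks) come out and a
    # gate is taken after every one of them.
    print(required_pg(256))
    print(simulate(64, 256, 6e-24, 10))
    # Ordinary Pg = 10: the 2^64 cap is nowhere near, one gate per 10 blocks.
    print(simulate(64, 256, 10, 100))
```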