Date: Mon, 17 Sep 2007 15:50:33 +0200 (CEST) From: Wojciech Puchar <wojtek@wojtek.tensor.gdynia.pl> To: RW <fbsd06@mlists.homeunix.com> Cc: freebsd-questions@freebsd.org Subject: Re: /dev/random question Message-ID: <20070917154845.F74117@wojtek.tensor.gdynia.pl> In-Reply-To: <20070917032422.33361b0a@gumby.homeunix.com.> References: <20070913153630.GA9448@slackbox.xs4all.nl> <200709161521.39955.fbsd.questions@rachie.is-a-geek.net> <20070916215550.65e09a71@gumby.homeunix.com.> <200709162351.58692.fbsd.questions@rachie.is-a-geek.net> <20070917032422.33361b0a@gumby.homeunix.com.>
next in thread | previous in thread | raw e-mail | index | archive | help
> same Yarrow pseudo-random sequence. If enough of the random data > survives at the end of the dvd it may allow an attack against the PRNG. > > As things stand, Yarrow is secure, but it might not be a few years from > now. > always humans make most of security problems, not programs. if you need more security simply modify random generation code. even if it will be worse after your modification, it will be unique, and unknown to attackers. and that's the best protection
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070917154845.F74117>