From owner-freebsd-current  Tue Jul 18  7:47:49 2000
Delivered-To: freebsd-current@freebsd.org
Received: from spirit.jaded.net (shortbus.jaded.net [216.94.132.8])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5EEC837BE58; Tue, 18 Jul 2000 07:47:44 -0700 (PDT)
	(envelope-from dan@spirit.jaded.net)
Received: (from dan@localhost)
	by spirit.jaded.net (8.9.3/8.9.3) id KAA01297;
	Tue, 18 Jul 2000 10:47:35 -0400 (EDT)
	(envelope-from dan)
Date: Tue, 18 Jul 2000 10:47:35 -0400
From: Dan Moschuk <dan@FreeBSD.org>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: Kris Kennaway <kris@FreeBSD.org>, Mark Murray <mark@grondar.za>,
	Poul-Henning Kamp <phk@critter.freebsd.dk>, current@FreeBSD.org
Subject: Re: randomdev entropy gathering is really weak
Message-ID: <20000718104735.D1221@spirit.jaded.net>
References: <200007171459.QAA00888@grimreaper.grondar.za> <Pine.BSF.4.21.0007171315510.49901-100000@freefall.freebsd.org> <20000718111534.A20086@walton.maths.tcd.ie>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <20000718111534.A20086@walton.maths.tcd.ie>; from dwmalone@maths.tcd.ie on Tue, Jul 18, 2000 at 11:15:34AM +0100
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


| I think there are other practical issues too. Unless the new libfetch
| fetch supports https this won't work. More to the point, I'd
| guess https needs a working /dev/random to set up the secure
| connection, but we're running fetch to set up /dev/random.
| 
| How much entropy can we get from:
| 
| 	(date; dmesg ; sysctl -X; vmstat -i ) > /dev/random
| 
| Just playing it looks like you might get 4 so bits from the
| rtc and clk interupt count alone.

None.  Any data that is publically available via userland should not be
used for cryptography.

-Dan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message