Date: Tue, 18 Jul 2000 10:47:35 -0400 From: Dan Moschuk <dan@FreeBSD.org> To: David Malone <dwmalone@maths.tcd.ie> Cc: Kris Kennaway <kris@FreeBSD.org>, Mark Murray <mark@grondar.za>, Poul-Henning Kamp <phk@critter.freebsd.dk>, current@FreeBSD.org Subject: Re: randomdev entropy gathering is really weak Message-ID: <20000718104735.D1221@spirit.jaded.net> In-Reply-To: <20000718111534.A20086@walton.maths.tcd.ie>; from dwmalone@maths.tcd.ie on Tue, Jul 18, 2000 at 11:15:34AM %2B0100 References: <200007171459.QAA00888@grimreaper.grondar.za> <Pine.BSF.4.21.0007171315510.49901-100000@freefall.freebsd.org> <20000718111534.A20086@walton.maths.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
| I think there are other practical issues too. Unless the new libfetch | fetch supports https this won't work. More to the point, I'd | guess https needs a working /dev/random to set up the secure | connection, but we're running fetch to set up /dev/random. | | How much entropy can we get from: | | (date; dmesg ; sysctl -X; vmstat -i ) > /dev/random | | Just playing it looks like you might get 4 so bits from the | rtc and clk interupt count alone. None. Any data that is publically available via userland should not be used for cryptography. -Dan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000718104735.D1221>