From: cpghost <cpghost@cordula.ws>
To: Wojciech Puchar
Cc: RW, freebsd-questions@freebsd.org
Date: Mon, 17 Sep 2007 19:09:01 +0200
Subject: Re: /dev/random question
Message-ID: <20070917190901.7503c0f4@epia-2.farid-hajji.net>
In-Reply-To: <20070917154845.F74117@wojtek.tensor.gdynia.pl>
References: <20070913153630.GA9448@slackbox.xs4all.nl> <200709161521.39955.fbsd.questions@rachie.is-a-geek.net> <20070916215550.65e09a71@gumby.homeunix.com.> <200709162351.58692.fbsd.questions@rachie.is-a-geek.net> <20070917032422.33361b0a@gumby.homeunix.com.> <20070917154845.F74117@wojtek.tensor.gdynia.pl>
Organization: Cordula's Web
X-Mailer: Claws Mail 3.0.0 (GTK+ 2.10.14; i386-portbld-freebsd6.2)

On Mon, 17 Sep 2007 15:50:33 +0200 (CEST)
Wojciech Puchar wrote:

> > same Yarrow pseudo-random sequence. If enough of the random data
> > survives at the end of the DVD it may allow an attack against the
> > PRNG.
> >
> > As things stand, Yarrow is secure, but it might not be a few years
> > from now.
>
> Humans always make most of the security problems, not programs.

Yes, indeed. This, and poor key management techniques...

> If you need more security, simply modify the random generation code. Even
> if it will be worse after your modification, it will be unique, and
> unknown to attackers. And that's the best protection.

Just because it is unknown to attackers doesn't mean that it is more
secure. You can inadvertently produce *less* entropy and randomness
without even noticing it, and cryptanalysts are *very* good at
identifying this with statistical and other mathematical methods, even
without knowing the algorithm used to generate the random stream.
Security through obscurity (even for algorithms generating random
sequences) isn't the way to go if you're really security-aware.

-- 
Cordula's Web. http://www.cordula.ws/
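The point made in the reply above, that a degraded random stream is detectable by purely statistical means without any knowledge of the generator, can be shown with a small black-box check. The script below is an added example and is not part of the thread or of FreeBSD's Yarrow code. Its assumptions are mine: the "weakened" generator is a constructed toy defect (a sound source whose lowest output bit is stuck at zero, the sort of thing a careless ad-hoc modification can introduce), the sound stream comes from os.urandom or, for reproducibility, from a seeded Mersenne Twister (statistically adequate for this comparison, but not a cryptographic generator), and the checks are the classic byte-frequency chi-square, monobit and per-byte Shannon entropy tests.

```python
"""Added example, not from the mailing-list thread: a black-box statistical
check that flags a weakened random stream without seeing the generator.

Assumptions (mine, not the page's): weakened_stream() is a constructed toy
defect; sound_stream() uses os.urandom, or a seeded Mersenne Twister when a
seed is given (reproducible, but NOT a cryptographic generator).
"""
import math
import os
import random
from collections import Counter


def sound_stream(n, seed=None):
    """Return n bytes from a statistically sound source.
    seed=None -> os.urandom; otherwise a seeded MT for reproducible demos."""
    if seed is None:
        return os.urandom(n)
    r = random.Random(seed)
    return bytes(r.getrandbits(8) for _ in range(n))


def weakened_stream(n, seed=None):
    """Constructed toy defect: same source, but bit 0 of every byte is stuck
    at zero, so only 128 of the 256 byte values can ever appear."""
    return bytes(b & 0xFE for b in sound_stream(n, seed))


def chi_square_z(data):
    """Chi-square test of byte frequencies against uniform, reported as an
    approximate z-score (chi2 - k) / sqrt(2k) with k = 255 degrees of freedom.
    Near 0 for a uniform stream; large and positive when byte values are
    missing or over-represented."""
    n = len(data)
    k = 255
    expected = n / 256
    counts = Counter(data)
    chi2 = sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))
    return (chi2 - k) / math.sqrt(2 * k)


def monobit_ratio(data):
    """Fraction of 1 bits over the whole stream; about 0.5 for a good stream."""
    ones = sum(bin(b).count("1") for b in data)
    return ones / (8 * len(data))


def byte_entropy(data):
    """Shannon entropy per byte in bits; 8.0 is the maximum."""
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def assess(data, z_limit=4.0, monobit_tol=0.01):
    """Black-box verdict: only the output is examined, never the algorithm."""
    z = chi_square_z(data)
    ratio = monobit_ratio(data)
    h = byte_entropy(data)
    biased = z > z_limit or abs(ratio - 0.5) > monobit_tol
    return {"chi_square_z": z, "monobit": ratio, "entropy_bits": h, "biased": biased}


if __name__ == "__main__":
    N = 1 << 16
    for label, stream in (("sound", sound_stream(N)), ("weakened", weakened_stream(N))):
        r = assess(stream)
        print(f"{label:9s} z={r['chi_square_z']:8.2f} monobit={r['monobit']:.4f} "
              f"H={r['entropy_bits']:.3f} bits/byte -> "
              f"{'BIASED' if r['biased'] else 'ok'}")
```

Run as a script it prints one verdict line per stream. The weakened stream loses only one bit per byte, yet its chi-square z-score is in the thousands and its monobit ratio sits near 0.44, so the defect is obvious from 64 KiB of output alone; the same tests say nothing about a stream that is predictable but well distributed, which is why they are a sanity check on a design, not a substitute for an analysed generator such as Yarrow.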