Date:      Fri, 19 Sep 2003 19:19:24 +0100
From:      Mark Murray <mark@grondar.org>
To:        Michael Sierchio <kudzu@tenebras.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh] 
Message-ID:  <200309191819.h8JIJOfq013739@grimreaper.grondar.org>
In-Reply-To: Your message of "Fri, 19 Sep 2003 07:57:20 PDT." <3F6B1950.8090304@tenebras.com> 

Michael Sierchio writes:
> > In FreeBSD-5-* there is no separate /dev/urandom, and /dev/random is 
> > driven by Yarrow (http://www.counterpane.com/yarrow/). This is a
> > PRNG+entropy-harvester, and it is _very_ conservative. As long as
> > _some_ entropy is being harvested, it is unlikely that either generator
> > will produce a repeating sequence _ever_.
> 
> Oh?  I believe that, for any finite binary string, the probability
> of it appearing again approaches 1 as time goes on.  Don't you?

For a pure PRNG, I believe that. For such a PRNG, such a string
will appear with a predictable period, and for a particular string,
the period is the same length as the string. Thus, there is no
entropy in a pure PRNG. If the PRNG is perturbed with entropy, then
the cyclic behaviour is broken, and the predictability is compromised.
With good technique, it can be made Very Hard(tm) to predict the
sequence.

> Question, since I haven't looked at the code -- does it honor the
> /dev/crypto interface?  Since, if a HW RBG is included in a crypto
> device, it should be used to help stir the pot.

Yes. Internally. And more is coming.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
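Added illustration of the point argued above (demo code written for this archive page, not part of the original message and not FreeBSD's random(4) or Yarrow): a pure PRNG walks a fixed cycle that an observer who knows its state can predict exactly, while XORing harvested entropy into the state breaks that prediction. The 16-bit LCG parameters and the hash-derived "entropy" words are constructed so the demo is repeatable offline.

```python
"""Pure PRNG vs entropy-perturbed PRNG: cycle length and attacker predictability.
Demo code for the thread above; the LCG and the entropy words are constructed."""
import hashlib

M = 1 << 16            # 16-bit state so the full cycle is cheap to walk
A, C = 77, 1           # a = 1 mod 4, c odd: full period M for modulus 2^16

def lcg_step(state):
    """One step of the pure generator; the next output is entirely determined."""
    return (A * state + C) % M

def cycle_length(step, s0):
    """Brent's cycle detection: length of the cycle reached from s0 under step."""
    power = length = 1
    tortoise, hare = s0, step(s0)
    while tortoise != hare:
        if power == length:      # start a new power-of-two search window
            tortoise, power, length = hare, power * 2, 0
        hare = step(hare)
        length += 1
    return length

def constructed_entropy(n_words):
    """Deterministic stand-in for harvested entropy (keeps the demo repeatable):
    16-bit words from a SHA-256 chain. Real code would use os.urandom / kernel pools."""
    seed, words = b"constructed-entropy-pool", []
    for _ in range(n_words):
        seed = hashlib.sha256(seed).digest()
        words.append(int.from_bytes(seed[:2], "big") or 1)   # never XOR with 0
    return words

def perturbed_outputs(s0, count, reseed_every, entropy):
    """Same LCG, but every `reseed_every` outputs the state is XORed with a fresh
    entropy word (a crude stand-in for a Yarrow-style reseed)."""
    state, out, ent = s0, [], iter(entropy)
    for i in range(count):
        if i and i % reseed_every == 0:
            state ^= next(ent)
        state = lcg_step(state)
        out.append(state)
    return out

def prediction_failures(outputs):
    """Observer model: knows A, C, M and the previous output, guesses the next one.
    Returns how many guesses are wrong; zero means the stream carries no entropy."""
    return sum(1 for prev, cur in zip(outputs, outputs[1:]) if lcg_step(prev) != cur)
```

With no reseeds every guess is right and Brent's search reports the full 65536-state cycle; with a reseed every 1024 outputs the guess fails at exactly each reseed point, since a non-zero XOR moves the state and the LCG step is a bijection.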