From owner-freebsd-security@FreeBSD.ORG Fri Sep 19 11:18:22 2003
From: Mark Murray
Sender: mark@grondar.org
To: Michael Sierchio
cc: freebsd-security@freebsd.org
Date: Fri, 19 Sep 2003 19:19:24 +0100
Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
Message-Id: <200309191819.h8JIJOfq013739@grimreaper.grondar.org>
In-Reply-To: Your message of "Fri, 19 Sep 2003 07:57:20 PDT." <3F6B1950.8090304@tenebras.com>
List-Id: Security issues [members-only posting]

Michael Sierchio writes:
> > In FreeBSD-5-* there is no separate /dev/urandom, and /dev/random is
> > driven by Yarrow (http://www.counterpane.com/yarrow/). This is a
> > PRNG+entropy-harvester, and it is _very_ conservative. As long as
> > _some_ entropy is being harvested, it is unlikely that either generator
> > will produce a repeating sequence _ever_.
>
> Oh? I believe that, for any finite binary string, the probability
> of it appearing again approaches 1 as time goes on. Don't you?

For a pure PRNG, I believe that. For such a PRNG, such a string will
appear with a predictable period, and for a particular string, the
period is the same length as the string. Thus, there is no entropy in a
pure PRNG.

If the PRNG is perturbed with entropy, then the cyclic behaviour is
broken, and the predictability is compromised. With good technique, it
can be made Very Hard(tm) to predict the sequence.

> Question, since I haven't looked at the code -- does it honor the
> /dev/crypto interface? Since, if a HW RBG is included in a crypto
> device, it should be used to help stir the pot.

Yes. Internally. And more is coming.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
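The distinction Mark draws above, between a pure PRNG whose output must cycle and a generator whose state is perturbed by harvested entropy, can be made concrete with a toy. The following is an added example, not code from the original thread and not FreeBSD's or Yarrow's implementation: it uses a deliberately tiny 16-bit linear congruential generator so the cycle is visible, and a stand-in "entropy" source (a constructed, deterministic xorshift64, so the program runs offline) in place of the interrupt timings and hardware RNG bytes a real harvester would feed in. `detect_period` finds the smallest period that holds across a whole window of outputs; for the pure LCG that is exactly 2^16, and once outside bytes are XORed into the state no period at all is found within the same window.

```c
/*
 * Pure PRNG vs. entropy-perturbed PRNG, as an added illustration.
 * Not FreeBSD or Yarrow code: a 16-bit LCG stands in for "the PRNG" and a
 * constructed xorshift64 stream stands in for harvested entropy.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define LCG_A 77u        /* a-1 divisible by 4 and c odd: full period 2^16 */
#define LCG_C 12345u
#define LCG_STATES 65536u
#define WINDOW (3u * LCG_STATES)   /* long enough to see the pure period twice */

/* Pure PRNG step: the next state is a function of the current state alone. */
static uint16_t lcg_step(uint16_t s)
{
    return (uint16_t)(LCG_A * s + LCG_C);
}

/*
 * Stand-in for harvested entropy. CONSTRUCTED: a deterministic xorshift64 so
 * the example runs offline. A real harvester feeds interrupt and disk timings,
 * a hardware RNG via /dev/crypto, etc.; only input the attacker cannot observe
 * actually buys unpredictability.
 */
static uint8_t stand_in_entropy_byte(uint64_t *st)
{
    uint64_t x = *st;
    x ^= x << 13;
    x ^= x >> 7;
    x ^= x << 17;
    *st = x;
    return (uint8_t)(x >> 56);
}

/* Fill seq[0..n) with the pure LCG's output stream from seed. */
void gen_pure(uint16_t seed, uint16_t *seq, size_t n)
{
    uint16_t s = seed;
    for (size_t i = 0; i < n; i++) {
        s = lcg_step(s);
        seq[i] = s;
    }
}

/* Same LCG, but every reseed_every outputs an outside byte is XORed into the state. */
void gen_perturbed(uint16_t seed, uint16_t *seq, size_t n, size_t reseed_every)
{
    uint64_t src = 0x9E3779B97F4A7C15ull;   /* constructed seed for the stand-in source */
    uint16_t s = seed;
    for (size_t i = 0; i < n; i++) {
        if (i % reseed_every == 0)
            s ^= stand_in_entropy_byte(&src);
        s = lcg_step(s);
        seq[i] = s;
    }
}

/*
 * Smallest p in [1, n/2] with seq[i] == seq[i+p] for every i < n-p, i.e. the
 * whole window is p-periodic; 0 if no such p exists within the window.
 */
size_t detect_period(const uint16_t *seq, size_t n)
{
    for (size_t p = 1; p <= n / 2; p++) {
        size_t i = 0;
        while (i + p < n && seq[i] == seq[i + p])
            i++;
        if (i + p == n)
            return p;
    }
    return 0;
}

/* Period of the pure generator over the window: exactly 2^16 = 65536. */
size_t pure_period(void)
{
    uint16_t *seq = malloc(WINDOW * sizeof *seq);
    if (!seq)
        return (size_t)-1;
    gen_pure(1, seq, WINDOW);
    size_t p = detect_period(seq, WINDOW);
    free(seq);
    return p;
}

/* Period of the perturbed generator over the same window: none found (0). */
size_t perturbed_period(void)
{
    uint16_t *seq = malloc(WINDOW * sizeof *seq);
    if (!seq)
        return (size_t)-1;
    gen_perturbed(1, seq, WINDOW, 64);
    size_t p = detect_period(seq, WINDOW);
    free(seq);
    return p;
}

int main(void)
{
    printf("pure 16-bit LCG: period %zu\n", pure_period());
    printf("LCG reseeded every 64 outputs: period %zu (0 = none within window)\n",
           perturbed_period());
    return 0;
}
```

The caveat matters: because the stand-in source here is itself deterministic, the perturbed stream is still a PRNG with a (very long) period and is still predictable to anyone who knows the source's seed. Breaking the short cycle is the easy part; what makes a kernel generator hard to predict is that the bytes being stirred in come from events the attacker cannot see or reproduce, which is why the hardware RNG and harvester inputs discussed above are the interesting part of the design.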