From: Mark Murray
To: Robert Watson
Cc: Ricardo Nabinger Sanchez, freebsd-arch@FreeBSD.ORG
Date: Thu, 05 Oct 2006 14:54:39 +0100
Subject: Re: PRNG on FreeBSD
Message-Id: <200610051354.k95Dsd3A047400@greatest.grondar.org>
List-Id: Discussion related to FreeBSD architecture

Robert Watson writes:
>
> On Wed, 4 Oct 2006, Ricardo Nabinger Sanchez wrote:
>
> > Snooping around Wikipedia, I got curious about if it'd be worth the
> > effort going from Yarrow [1] to Fortuna [2] algorithm, as the
> > authors (seem to) claim that the latter is better/more secure.
> >
> > As someone (me) who knows very little on how to effectively
> > compromise a PRNG, what are the tradeoffs? Yarrow is simpler/faster
> > than Fortuna?
>
> Yarrow is an older PRNG algorithm, and Fortuna is (as I understand
> it) generally considered its successor. Mark Murray (CC'd), who
> implemented our current /dev/random and Yarrow code, has been working
> on a Fortuna implementation for FreeBSD.

Indeed.

Fortuna is also looking like it is going to be a significant resource
hog WRT memory, particularly on small/embedded devices.

I'm stalled right now (exam mode for two weeks) but it's top of my TODO
list to get Fortuna off my chest once I'm done.

I think I'm going to need a hand with the kernel bits; I keep running
into problems I can't think of decent questions for.

M
--
Mark R V Murray - Cert APS(Open) Dip Phys(Open) BSc Open(Open)
What is the most interesting question you have asked? What, if any, was the answer?