From owner-freebsd-security Wed May 3 23:32: 4 2000 Delivered-To: freebsd-security@freebsd.org Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138]) by hub.freebsd.org (Postfix) with ESMTP id BC57B37BEBA for ; Wed, 3 May 2000 23:31:51 -0700 (PDT) (envelope-from mark@grondar.za) Received: from grimreaper.grondar.za (localhost [127.0.0.1]) by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id IAA05674; Thu, 4 May 2000 08:31:41 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200005040631.IAA05674@grimreaper.grondar.za> To: James Wyatt Cc: Matthew Dillon , "Andrew J. Korty" , security@FreeBSD.ORG Subject: Re: Cryptographic dump(8) References: In-Reply-To: ; from James Wyatt "Wed, 03 May 2000 13:06:04 EST." Date: Thu, 04 May 2000 08:31:41 +0200 From: Mark Murray Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > On Wed, 3 May 2000, Matthew Dillon wrote: > [ losts stuff deleted ] > > Also, putting a random number in each block is important if each block > > is separately encrypted, for the same reason. > > > > Using /dev/random to obtain your random numbers is considered to be > > acceptable. > > How can you tell how much entropy is in the 'pool' for /dev/random and > it's about to start being not-so-random? Pull a sample once in a while and > Chi test it? I like being able to know. - Jy@ /dev/random only gives out enough bytes to cover its current pool size estimate; after that it blocks. /dev/urandom will give a hash of the pool and continue stirring to pool for as long as you read it. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message