Date: Fri, 19 Sep 2003 07:57:20 -0700 From: Michael Sierchio <kudzu@tenebras.com> Cc: freebsd-security@freebsd.org Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh] Message-ID: <3F6B1950.8090304@tenebras.com> In-Reply-To: <200309190802.h8J82bfq006549@grimreaper.grondar.org> References: <200309190802.h8J82bfq006549@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray wrote: > In FreeBSD-5-* there is no separate /dev/urandom, and /dev/random is > driven by Yarrow (http://www.counterpane.com/yarrow/). This is a > PRNG+entropy-harvester, and it it _very_ conservative. As long as > _some_ entropy is being harvested, it is unlikely that either generator > wil produce a repeating sequence _ever_. Oh? I believe that, for any finite binary string, the probability of it appearing again approaches 1 as time goes on. Don't you? Question, since I haven't looked at the code -- does it honor the /dev/crypto interface? Since, if a HW RBG is included in a crypto device, it should be used to help stir the pot.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F6B1950.8090304>