Date: Fri, 19 Sep 2003 11:28:46 -0700
From: Michael Sierchio <kudzu@tenebras.com>
To: Mark Murray <mark@grondar.org>
Cc: freebsd-security@freebsd.org
Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
Message-ID: <3F6B4ADE.7010102@tenebras.com>
In-Reply-To: <200309191819.h8JIJOfq013739@grimreaper.grondar.org>
References: <200309191819.h8JIJOfq013739@grimreaper.grondar.org>
Mark Murray wrote:

> For a pure PRNG, I believe that. For such a PRNG, such a string
> will appear with a predictable period, and for a particular string,
> the period is the same length as the string.

I'm sorry, I was being both academic and intentionally silly. Strings of length one occur with a certain frequency, strings of length two, etc.

If by entropy you mean incompressibility, PRNGs have 8 bits of entropy per byte. If you mean cryptographically useful (non-predictable to the left or to the right no matter how long a string you have), then PRNGs don't produce entropy.

But schemes like Yarrow, or my own scheme, which is a modified X9.17 with keyed hash functions used in place of DES, produce cryptographically useful random numbers, and limit the risk of prediction due to knowledge of internal state by periodically perturbing the state with "real" random bits.

>> Question, since I haven't looked at the code -- does it honor the
>> /dev/crypto interface? Since, if a HW RBG is included in a crypto
>> device, it should be used to help stir the pot.
>
> Yes. Internally. And more is coming.

Good. Soekris crypto boards based on Hifn chips are cheap and useful.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F6B4ADE.7010102>
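The construction the poster sketches above (X9.17 with a keyed hash in place of DES, with the state periodically perturbed by real random bits), as an added example that is neither the poster's code nor FreeBSD's: an HMAC-SHA256 variant of the X9.17 step, a demonstration of why reseeding bounds what an attacker who has captured the full internal state can predict, and a check of the "incompressibility" sense of entropy the message contrasts with unpredictability. The counter used in place of X9.17's date/time input, the reseed interval, and the reseed mixing formula are this example's own assumptions.

```python
import hashlib
import hmac
import os
import struct
import zlib

# Added example, not the poster's scheme or FreeBSD's code: an ANSI X9.17-style
# generator with HMAC-SHA256 standing in for DES, plus periodic reseeding from
# an entropy source. The counter used as DT, the reseed interval and the reseed
# mixing formula are assumptions made for this example.

BLOCK = hashlib.sha256().digest_size  # 32-byte output blocks


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class HmacX917:
    """One X9.17 step: I = PRF_K(DT); R = PRF_K(I xor V); V' = PRF_K(R xor I)."""

    def __init__(self, key: bytes, seed: bytes, reseed_every: int = 0,
                 entropy_source=None):
        self.key = key            # K, the PRF key (a DES key in X9.17)
        self.v = seed             # V, the seed register
        self.counter = 0          # stands in for X9.17's date/time input DT
        self.reseed_every = reseed_every
        self.entropy_source = entropy_source
        self.outputs = 0

    def _prf(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def next_block(self) -> bytes:
        dt = struct.pack(">Q", self.counter)
        self.counter += 1
        i = self._prf(dt)
        r = self._prf(_xor(i, self.v))
        self.v = self._prf(_xor(r, i))
        self.outputs += 1
        # Periodically perturb K and V with "real" random bits.
        if (self.reseed_every and self.entropy_source
                and self.outputs % self.reseed_every == 0):
            self.reseed(self.entropy_source(BLOCK))
        return r

    def reseed(self, fresh: bytes) -> None:
        # Mix fresh bits into both registers; the old state no longer predicts outputs.
        self.key = hashlib.sha256(b"key|" + self.key + fresh).digest()
        self.v = hashlib.sha256(b"seed|" + self.v + fresh).digest()

    def stream(self, nbytes: int) -> bytes:
        out = bytearray()
        while len(out) < nbytes:
            out += self.next_block()
        return bytes(out[:nbytes])

    def snapshot(self):
        return (self.key, self.v, self.counter)

    @classmethod
    def from_snapshot(cls, snap):
        clone = cls(snap[0], snap[1])
        clone.counter = snap[2]
        return clone


def prediction_demo(reseed_every: int = 4, n: int = 8):
    """An attacker who captures the full internal state predicts every output
    until the next reseed; after it the predictions fail.
    Returns one bool per output block: True if the prediction matched."""
    gen = HmacX917(os.urandom(BLOCK), os.urandom(BLOCK),
                   reseed_every=reseed_every, entropy_source=os.urandom)
    attacker = HmacX917.from_snapshot(gen.snapshot())  # state leaked here
    return [attacker.next_block() == gen.next_block() for _ in range(n)]


def compression_ratio(data: bytes) -> float:
    """Incompressibility as 'entropy': PRNG output does not shrink under zlib
    even though every byte is a deterministic function of the state."""
    return len(zlib.compress(data, 9)) / len(data)


if __name__ == "__main__":
    print(prediction_demo())  # [True, True, True, True, False, False, False, False]
    prng = HmacX917(b"k" * BLOCK, b"s" * BLOCK)
    print(round(compression_ratio(prng.stream(65536)), 4))  # about 1.0
    print(round(compression_ratio(b"ab" * 32768), 4))       # far below 1.0
```

With the attacker's clone never reseeded, the first four outputs match exactly (the state alone determines them), and everything after the reseed diverges; that is the "limit the risk of prediction" property the message describes, and a hardware RBG stirred in via /dev/crypto would simply be another `entropy_source`. The unreseeded stream still compresses to roughly its own length, which is the incompressibility sense of "8 bits per byte" that says nothing about predictability.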