From: Michael Sierchio <kudzu@tenebras.com>
Date: Fri, 19 Sep 2003 11:28:46 -0700
To: Mark Murray
cc: freebsd-security@freebsd.org
Subject: Re: [Fwd: Re: FreeBSD Security Advisory FreeBSD-SA-03:12.openssh]
Message-ID: <3F6B4ADE.7010102@tenebras.com>
In-Reply-To: <200309191819.h8JIJOfq013739@grimreaper.grondar.org>

Mark Murray wrote:
> For a pure PRNG, I believe that. For such a PRNG, such a string
> will appear with a predictable period, and for a particular string,
> the period is the same length as the string.

I'm sorry, I was being both academic and intentionally silly. Strings of length one occur with a certain frequency, strings of length two, etc. If by entropy you mean incompressibility, PRNGs have 8 bits of entropy per byte.
If you mean cryptographically useful (non-predictable to the left or to the right no matter how long a string you have) then PRNGs don't produce entropy. But schemes like Yarrow, or my own scheme which is a modified X9.17 with keyed hash functions used in place of DES, produce cryptographically useful random numbers, and limit the risk of prediction due to knowledge of internal state by periodically perturbing the state with "real" random bits.

>> Question, since I haven't looked at the code -- does it honor the
>> /dev/crypto interface? Since, if a HW RBG is included in a crypto
>> device, it should be used to help stir the pot.
>
> Yes. Internally. And more is coming.

Good. Soekris crypto boards based on Hifn chips are cheap and useful.
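An added illustration of the construction the reply sketches (the X9.17 three-step structure with a keyed hash, here HMAC-SHA256, standing in for DES, plus periodic reseeding from a "real" entropy source); this is editor-written example code, not the poster's scheme or anything in FreeBSD, and the class name, parameter names and the reseed mixing are assumptions of this example.

```python
import hashlib
import hmac
import os
import time
from typing import Callable


class HmacX917:
    """X9.17-style generator with HMAC-SHA256 in place of DES (illustrative).

    Per output block, with key K, seed V and a timestamp TS:
        T = HMAC_K(TS)
        R = HMAC_K(T xor V)   # the output block
        V = HMAC_K(T xor R)   # the next seed
    After `reseed_interval` blocks, K and V are perturbed with fresh bits
    from `entropy_source`, so a leaked internal state only predicts the
    stream until the next reseed.
    """

    def __init__(self, key: bytes, seed: bytes,
                 entropy_source: Callable[[int], bytes] = os.urandom,
                 clock: Callable[[], bytes] = lambda: time.time_ns().to_bytes(8, "big"),
                 reseed_interval: int = 16):
        if len(key) != 32 or len(seed) != 32:
            raise ValueError("key and seed must each be 32 bytes")
        self._key, self._v = key, seed
        self._entropy, self._clock = entropy_source, clock
        self._interval, self._count = reseed_interval, 0

    @staticmethod
    def _h(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    @staticmethod
    def _xor(a: bytes, b: bytes) -> bytes:
        return bytes(x ^ y for x, y in zip(a, b))

    def reseed(self, fresh: bytes) -> None:
        """Mix fresh entropy into both the key and the seed (assumed mixing)."""
        self._key = self._h(self._key, b"reseed-key" + fresh)
        self._v = self._h(self._key, b"reseed-seed" + self._v + fresh)
        self._count = 0

    def next_block(self) -> bytes:
        """Return one 32-byte output block, reseeding first when due."""
        if self._count >= self._interval:
            self.reseed(self._entropy(32))
        t = self._h(self._key, self._clock())
        r = self._h(self._key, self._xor(t, self._v))
        self._v = self._h(self._key, self._xor(t, r))
        self._count += 1
        return r
```

With a fixed clock the stream is fully determined by (key, seed) until the first reseed, which is exactly the window the periodic perturbation is meant to bound.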