From owner-freebsd-current Wed Oct 25 10:38:14 2000 Delivered-To: freebsd-current@freebsd.org Received: from grimreaper.grondar.za (adsl-63-206-96-212.dsl.snfc21.pacbell.net [63.206.96.212]) by hub.freebsd.org (Postfix) with ESMTP id 4B16037B4CF for ; Wed, 25 Oct 2000 10:38:13 -0700 (PDT) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.1/8.11.1) with ESMTP id e9PHbWR08465; Wed, 25 Oct 2000 10:37:37 -0700 (PDT) (envelope-from mark@grondar.za) Message-Id: <200010251737.e9PHbWR08465@grimreaper.grondar.za> To: =?koi8-r?B?4c7E0sXKIP7F0s7P1w==?= Cc: current@FreeBSD.ORG Subject: Re: entropy reseeding is totally broken References: <20001025145028.A81143@nagual.pp.ru> In-Reply-To: <20001025145028.A81143@nagual.pp.ru> ; from =?koi8-r?B?4c7E0sXKIP7F0s7P1w==?= "Wed, 25 Oct 2000 14:50:29 +0400." Date: Wed, 25 Oct 2000 10:37:31 -0700 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > 1) Reseed code is broken, in come case (as I describe) all reseeding data > is ignored, only its size is counted until it was as big as 16384. Mark > not fix it yet at this moment nor confirm he is able to reproduce this > bug. I'm trying to reproduce this formally. I'm looking for reasons, not any more hacks. > 2) Reseeding state may not preserve across the boot due to various reasons > like panic, etc. Since _time_ is ignored, all other data /etc/rc tries to > collect now can be non-random _easily_! > > Unless _time_ will be used, /dev/random is plain unusable for production > usage. Andrey, read the code; nanotime is all over the harvested entropy. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message