Date:      Tue, 8 Mar 2005 10:24:30 -0500
From:      David Schultz <das@FreeBSD.ORG>
To:        Richard Coleman <rcoleman@criticalmagic.com>
Cc:        Ian G <iang@iang.org>
Subject:   Re: New entropy source proposal.
Message-ID:  <20050308152430.GA1999@VARK.MIT.EDU>
In-Reply-To: <422DB45E.2050900@criticalmagic.com>
References:  <999.1110223995@critter.freebsd.dk> <422D9B5E.3020303@iang.org> <422DB45E.2050900@criticalmagic.com>


On Tue, Mar 08, 2005, Richard Coleman wrote:
> Ian G wrote:
> >You might want to check out:
> >
> >http://www.av8n.com/turbid/paper/turbid.htm
> >
> >There is some controversy over the new FreeBSD /dev/random system,
> >is there any analysis of the system?  I wasn't able to find anything
> >from a brief search.
> >
> >iang
> 
> The FreeBSD /dev/random was originally based on the Yarrow paper that is 
> given as a reference in the paper above.  But I think the current 
> implementation is more similar to the version of Yarrow that is 
> discussed in Bruce Schneier's "Practical Cryptography".  I'm not sure if 
> that is a coincidence or not.
> 
> The paper mentioned above only briefly mentions Yarrow, and doesn't 
> mention the FreeBSD implementation, so it's hard to compare the two.
> 
> At first glance, both systems appear strong.

There's also:

	http://www.usenix.org/publications/library/proceedings/bsdcon02/full_papers/murray/murray_html/

The only objection with it that I'm aware of is that the random
device does not ordinarily block, which may make it vulnerable to
side channel or cryptanalytic attacks.
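The objection above turns on entropy accounting: a Yarrow-style pool credits each input sample with an estimated number of entropy bits and only derives a fresh output key once that credit reaches a reseed threshold, and the question is what a read does before that point. The model below is an added example written for this page, not code from the thread, from FreeBSD's random(4) or from the Yarrow paper; it is a deliberately simplified single-pool sketch with constructed sample inputs and constructed entropy estimates, and it omits Yarrow's fast/slow pool split and its block-cipher generator. It shows the difference the poster describes: a blocking pool returns nothing until the first full reseed, while a non-blocking pool seeds early from a partial pool, keeps producing output from that under-credited key, and only recovers at its next threshold crossing.

```python
import hashlib


class ToyEntropyPool:
    """Simplified Yarrow-style pool (constructed model, not FreeBSD's random(4)).

    Sources add samples with an estimated entropy in bits. The output key is
    (re)derived only when the accumulated estimate reaches the reseed
    threshold. A blocking pool refuses reads before the first reseed; a
    non-blocking pool derives a key from whatever has been collected so far,
    which may be far less than the threshold.
    """

    def __init__(self, reseed_threshold_bits=128, blocking=True):
        self.threshold = reseed_threshold_bits
        self.blocking = blocking
        self.pool = hashlib.sha256()   # accumulates raw samples since last reseed
        self.estimate = 0              # entropy bits credited since last reseed
        self.key = None                # output key; None until the first reseed
        self.counter = 0               # block counter for output generation
        self.reseeds = 0
        self.key_entropy_bits = 0      # credit the pool had when the key was derived

    def add_sample(self, data, estimated_bits):
        """Mix a sample into the pool and credit its (caller-estimated) entropy."""
        self.pool.update(data)
        self.estimate += estimated_bits
        if self.estimate >= self.threshold:
            self._reseed()

    def _reseed(self):
        """Derive a fresh output key from the pool contents and the previous key."""
        material = self.pool.digest() + (self.key or b"")
        self.key = hashlib.sha256(b"reseed|" + material).digest()
        self.key_entropy_bits = self.estimate
        self.pool = hashlib.sha256()
        self.estimate = 0
        self.counter = 0
        self.reseeds += 1

    def read(self, n):
        """Return n output bytes, or None if the pool blocks and is still unseeded."""
        if self.key is None:
            if self.blocking:
                return None
            self._reseed()   # non-blocking: seed early from a partial pool
        out = b""
        while len(out) < n:
            block = hashlib.sha256(self.key + self.counter.to_bytes(8, "big")).digest()
            out += block
            self.counter += 1
        return out[:n]


def run_comparison():
    """Feed both pool variants the same constructed samples and record what each
    hands out at three points. Returns a dict keyed by (stage, pool name)."""
    # 18 constructed samples, each credited with 8 bits (an assumed estimate).
    samples = [(b"constructed-sample-%02d" % i, 8) for i in range(18)]
    pools = {
        "blocking": ToyEntropyPool(128, blocking=True),
        "nonblocking": ToyEntropyPool(128, blocking=False),
    }
    # early: 16 bits credited; mid: 128 bits total; late: 144 bits total.
    stages = {"early": samples[:2], "mid": samples[2:16], "late": samples[16:]}
    results = {}
    for stage, batch in stages.items():
        for name, pool in pools.items():
            for data, bits in batch:
                pool.add_sample(data, bits)
            out = pool.read(16)
            results[(stage, name)] = {
                "produced_output": out is not None,
                "key_entropy_bits": pool.key_entropy_bits,
                "reseeds": pool.reseeds,
            }
    return results


if __name__ == "__main__":
    for (stage, name), info in run_comparison().items():
        print(f"{stage:5s} {name:11s} {info}")
```

At the "early" stage the blocking pool returns None while the non-blocking pool hands out bytes from a key backed by only 16 credited bits; at "mid" the blocking pool has crossed its threshold once, but the non-blocking pool is still serving output from that early key, because its early reseed reset the credit counter; only at "late" does it reseed again. The "key_entropy_bits" field is what a defender would want exposed as a metric: it is the number the poster's objection is really about, since it bounds how much work guessing the output key costs while the device is serving output.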

