From owner-freebsd-current Sun Jul 16 23:06:44 2000
Delivered-To: freebsd-current@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138]) by hub.freebsd.org (Postfix) with ESMTP id 1BC3C37B523; Sun, 16 Jul 2000 23:06:37 -0700 (PDT) (envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1]) by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id IAA05866; Mon, 17 Jul 2000 08:07:43 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za)
Message-Id: <200007170607.IAA05866@grimreaper.grondar.za>
To: "Andrey A. Chernov"
Cc: current@FreeBSD.ORG
Subject: Re: randomdev entropy gathering is really weak
References: <20000716125502.B89979@freebsd.org>
In-Reply-To: <20000716125502.B89979@freebsd.org>; from "Andrey A. Chernov" "Sun, 16 Jul 2000 12:55:02 MST."
Date: Mon, 17 Jul 2000 08:07:43 +0200
From: Mark Murray
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > The situation is _worse_; the entropy is minimal, and is _very_ attackable.
>
> What's wrong with timers for entropy (I mean high resolution ones)?
> Really we need only a few bytes of entropy and can use them to seed the RNG for the
> first time if no true randomness is available. To be joking: MD5 of a kernel module
> can help too :-)

getnanotime() is already extensively used; we just need to force the RNG to
reseed once at the beginning. As soon as I'm happy that the code is
panic-free, I'll commit it.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
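The disagreement above is about how much entropy back-to-back high-resolution timer readings actually contribute to an initial RNG seed. The following is an added illustration written for this page, not code from FreeBSD's randomdev or from either poster: it measures the entropy of the low bits of successive timer deltas using two figures, Shannon entropy (the average case) and min-entropy (-log2 of the most frequent value, the most-common-value estimate in the spirit of NIST SP 800-90B, which is the figure a seeding budget should be based on). The sample sets `regular_readings` and `jittery_readings` are constructed, not measured on any machine; `live_readings` uses Python's `time.perf_counter_ns()` as a user-space stand-in for a kernel `getnanotime()` loop, and its result will vary by host.

```python
"""Estimate how many bits of entropy timer-delta samples really carry.

Added illustration (not FreeBSD code). Folding high-resolution timer
readings into an RNG pool yields far fewer bits per sample than the
timer's width suggests, because consecutive readings are strongly
correlated. Min-entropy, -log2(p_max), bounds an attacker's best single
guess per sample; Shannon entropy overstates what a guesser faces.
"""
from collections import Counter
import math
import time


def shannon_entropy(symbols):
    """Shannon entropy in bits per symbol (average-case figure)."""
    n = len(symbols)
    return -sum((c / n) * math.log2(c / n) for c in Counter(symbols).values())


def min_entropy(symbols):
    """Min-entropy in bits per symbol: -log2 of the most common value's
    frequency. Use this, not Shannon entropy, when budgeting a seed."""
    n = len(symbols)
    p_max = max(Counter(symbols).values()) / n
    return -math.log2(p_max)


def timer_deltas(readings, low_bits=8):
    """Differences between successive timer readings, keeping only the low
    bits (the part that is usually assumed to be 'noise')."""
    mask = (1 << low_bits) - 1
    return [(b - a) & mask for a, b in zip(readings, readings[1:])]


def entropy_per_sample(readings, low_bits=8):
    """Return (shannon_bits, min_entropy_bits) per delta sample."""
    deltas = timer_deltas(readings, low_bits)
    return shannon_entropy(deltas), min_entropy(deltas)


def samples_needed(target_bits, bits_per_sample):
    """How many deltas must be folded in to accumulate target_bits of
    min-entropy; infinite when the source contributes nothing."""
    if bits_per_sample <= 0:
        return math.inf
    return math.ceil(target_bits / bits_per_sample)


# Constructed sample sets (hypothetical timers, not measurements):
def regular_readings(count=2001, stride=1000):
    """Timer advancing by a fixed stride; every delta is identical."""
    return [i * stride for i in range(count)]


def jittery_readings(count=2001, stride=1000, jitter=(0, 1, 1, 2)):
    """Timer whose stride wobbles through a short repeating jitter pattern."""
    readings = [0]
    for i in range(count - 1):
        readings.append(readings[-1] + stride + jitter[i % len(jitter)])
    return readings


def live_readings(count=2001):
    """Back-to-back reads of the host's high-resolution counter, a user-space
    analogue of calling getnanotime() in a tight loop. Host-dependent."""
    return [time.perf_counter_ns() for _ in range(count)]


if __name__ == "__main__":
    for name, readings in (("regular", regular_readings()),
                           ("jittery", jittery_readings()),
                           ("live", live_readings())):
        h, h_min = entropy_per_sample(readings)
        print(f"{name:8s} shannon={h:5.2f} min={h_min:5.2f} bits/sample; "
              f"deltas needed for 128 bits of min-entropy: "
              f"{samples_needed(128, h_min)}")
```

On the constructed sets the regular timer contributes 0 bits per delta and the jittery one 1 bit of min-entropy (against 1.5 bits of Shannon entropy), so 128 deltas would be needed for a 128-bit seed even in the optimistic case. Two caveats a reviewer should keep in mind: the most-common-value estimate is an upper bound on a single sample, and it cannot see correlations between samples, so a periodic pattern longer than the symbol width will look better than it is; and the live figure only describes the idle host it was run on, not the near-deterministic timing of an early boot, which is the case under discussion.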