From owner-freebsd-current Mon Jul 17 0: 5: 4 2000 Delivered-To: freebsd-current@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 2F3AF37B7B4; Mon, 17 Jul 2000 00:04:59 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id AAA45279; Mon, 17 Jul 2000 00:04:59 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Mon, 17 Jul 2000 00:04:58 -0700 (PDT) From: Kris Kennaway To: Mark Murray Cc: current@FreeBSD.org Subject: Re: randomdev entropy gathering is really weak In-Reply-To: <200007170615.IAA05906@grimreaper.grondar.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 17 Jul 2000, Mark Murray wrote: > > On the other hand, doing a dd if=/dev/random of=/dev/null gives me > > infinite "randomness" at 10MB/sec - have the semantics of /dev/random > > changed? > > Yes; remember that what we have here is Yarrow algorithm; which is an > algorithm for cryptographically secure PRNG - one whose internal state > is unguessable, or if compromised folr some reason is self-recovering. > > "Infinite" randomness is possible with this algorithm. On the other hand, didn't you say that at system boot the RNG is essentially unseeded, so this is actually a liability because processes cannot be sure they're getting real randomness. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message