From owner-freebsd-security  Thu Mar 27 16:27:26 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA06183
          for security-outgoing; Thu, 27 Mar 1997 16:27:26 -0800 (PST)
Received: from sovcom.kiae.su (sovcom.kiae.su [193.125.152.1])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id QAA06173;
          Thu, 27 Mar 1997 16:27:13 -0800 (PST)
Received: by sovcom.kiae.su id AA05917
  (5.65.kiae-1 ); Fri, 28 Mar 1997 03:17:59 +0300
Received: by sovcom.KIAE.su (UUMAIL/2.0); Fri, 28 Mar 97 03:17:59 +0300
Received: (from ache@localhost)
	by nagual.ru (8.8.5/8.8.5) id DAA00574;
	Fri, 28 Mar 1997 03:06:15 +0300 (MSK)
Date: Fri, 28 Mar 1997 03:06:13 +0300 (MSK)
From: =?KOI8-R?B?4c7E0sXKIP7F0s7P1w==?= <ache@nagual.ru>
To: Poul-Henning Kamp <phk@critter.dk.tfs.com>
Cc: Joerg Wunsch <joerg_wunsch@uriah.heep.sax.de>, markm@FreeBSD.ORG,
        security@FreeBSD.ORG
Subject: Re: ATTENTION: Initial state of random pool 
In-Reply-To: <550.859495025@critter>
Message-Id: <Pine.BSF.3.96.970328030206.521C-100000@nagual.ru>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Thu, 27 Mar 1997, Poul-Henning Kamp wrote:

> A semi-not-too-bad priming method could be:
> 
> 	for dev in all diskmedia
> 		ts = time
> 		bno = ts.tv_usec & dssize(dev)
> 		read sector bno
> 		add sectore to random pool

We don't need more methods, all we need is _one_ true random method
which generates at least _one_ random word initially, because pool
hashed after it, i.e. it seeds MD5 RNG.
Good guess will be timer method which already present.

Looking in the code (not deeply), I can't say, is any true randomness
added initially, I think somebody who knows it better (Mark?)
can answer.

-- 
Andrey A. Chernov
<ache@null.net>
http://www.nagual.ru/~ache/