From owner-freebsd-arch  Mon Jun 19 10:24:12 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from grimreaper.grondar.za (grimreaper.grondar.za [196.7.18.138])
	by hub.freebsd.org (Postfix) with ESMTP
	id C02EB37BD1B; Mon, 19 Jun 2000 10:23:58 -0700 (PDT)
	(envelope-from mark@grondar.za)
Received: from grimreaper.grondar.za (localhost [127.0.0.1])
	by grimreaper.grondar.za (8.9.3/8.9.3) with ESMTP id QAA00697;
	Mon, 19 Jun 2000 16:16:29 +0200 (SAST)
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200006191416.QAA00697@grimreaper.grondar.za>
To: Dag-Erling Smorgrav <des@flood.ping.uio.no>
Cc: Dan Moschuk <dan@FreeBSD.ORG>, arch@FreeBSD.ORG, phk@FreeBSD.ORG
Subject: Re: (2nd iteration) New /dev/(random|null|zero) - review, please 
References: <xzpwvjlu9w5.fsf@flood.ping.uio.no> 
In-Reply-To: <xzpwvjlu9w5.fsf@flood.ping.uio.no> ; from Dag-Erling Smorgrav <des@flood.ping.uio.no>  "19 Jun 2000 14:34:50 +0200."
Date: Mon, 19 Jun 2000 16:16:29 +0200
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> The idea of built-in hardware RNGs bothers me a little. How can the
> manufacturer guarantee that all units are perfectly identical and
> indistinguishable? Is it conceivable that a hardware RNG might leave
> (be it by accident or by design) some kind of fingerprint in its
> output that might be detectable if you know what to look for? Reminds
> me of Sherlock Holmes comparing typewritten documents to see if they
> were produced on the same typewriter.

This can be dealt with - hash the output into a "pool of entropy"
and serve the randomness out of that.

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message