Date: Sat, 10 Apr 2004 09:54:36 +0100
From: Mark Murray <mark@grondar.org>
To: Bruce M Simpson <bms@spc.org>
Cc: Nate Lawson <nate@root.org>
Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar
Message-ID: <200404100854.i3A8sa0w066414@grimreaper.grondar.org>
In-Reply-To: Your message of "Sat, 10 Apr 2004 09:27:05 BST." <20040410082705.GR710@empiric.dek.spc.org>
Bruce M Simpson writes:
> > > http://www.cryptography.com/resources/whitepapers/index.html
> >
> > Actually, I have. I read it again, now, to be sure. Nothing it says
> > suggests that what I did here is a "huge mistake". Nearest I get is
> > the suggestion that the output from the on-chip RNG is used as a
> > source for a hash function (like Yarrow). I feel that is overkill,
> > and that the output of the on-chip RNG is sufficient.
>
> I'm inclined to trust your judgement here on this, Mark, but Nate does
> have a valid point; we need to be sure that the entropy sources are of
> sufficiently high quality or we risk compromising the system.
>
> If you could cite some independent tests for the VIA C3 on-chip RNG
> that would be very helpful to all.

How about Nate's paper? It gives the VIA C3 a very high assessment WRT
the quality of the entropy delivered.

If it is felt that further whitening of the VIA C3 RNG is needed, then
I believe that Yarrow would be overkill, and that a much smaller hash
function will be sufficient.

M
--
Mark Murray
iumop ap!sdn w,I idlaH
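As an added illustration of the whitening question debated above (example code written for this page, not from the thread or from FreeBSD's random(4)): a constructed, deliberately biased stand-in for a raw on-chip RNG is compared with the same bytes passed through a hash-based conditioner. SHA-256 and the 64-byte block size are assumptions; the thread names no particular hash. The point a reviewer would want visible is that hashing masks a measurable bias but cannot add entropy the source lacks, which is why the quality of the raw source still matters.

```python
import hashlib
import random


def biased_source(nbytes: int, p_one: float = 0.6, seed: int = 1) -> bytes:
    """Constructed stand-in for a raw hardware RNG whose bits are 1 with probability p_one.

    A real on-chip RNG is not this simple; the bias is chosen so the effect of
    whitening is easy to see.
    """
    rng = random.Random(seed)
    out = bytearray()
    for _ in range(nbytes):
        b = 0
        for _ in range(8):
            b = (b << 1) | (1 if rng.random() < p_one else 0)
        out.append(b)
    return bytes(out)


def whiten(raw: bytes, block: int = 64) -> bytes:
    """Hash-based conditioner: each `block` raw bytes become a 32-byte SHA-256 digest.

    Output is statistically flat regardless of input bias, but its entropy is
    bounded by the entropy of the raw block it came from: identical raw blocks
    always give identical digests.
    """
    out = bytearray()
    usable = len(raw) - len(raw) % block
    for i in range(0, usable, block):
        out += hashlib.sha256(raw[i:i + block]).digest()
    return bytes(out)


def ones_fraction(data: bytes) -> float:
    """Monobit statistic: fraction of set bits, close to 0.5 for an unbiased stream."""
    if not data:
        return 0.0
    total = sum(bin(b).count("1") for b in data)
    return total / (8 * len(data))


if __name__ == "__main__":
    raw = biased_source(4096)
    print("raw ones fraction:      %.3f" % ones_fraction(raw))
    print("whitened ones fraction: %.3f" % ones_fraction(whiten(raw)))
    # Two identical raw blocks produce identical conditioned output: no entropy gained.
    flat = whiten(bytes(128))
    print("constant input repeats after whitening:", flat[:32] == flat[32:])
```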