Date: Sun, 23 Jul 2000 14:53:50 +0200 (CEST) From: Stefan `Sec` Zehl <sec@require-re.42.org> To: freebsd-current@freebsd.org Subject: Re: randomdev entropy gathering is really weak Message-ID: <200007231253.OAA28448@matrix.42.org> References: <3056.964340700@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
Poul-Henning Kamp <phk@critter.freebsd.dk> wrote:
> In message <Pine.BSF.4.21.0007230107130.81127-100000@freefall.freebsd.org>, Kri
> s Kennaway writes:
> >On Sun, 23 Jul 2000, Poul-Henning Kamp wrote:
> >
> >> Obviously, if you need more randomness than a stock FreeBSD system
> >> can provide you with, you add hardware to give you more randomness.
> >
> >This won't help if it's fed through Yarrow.
>
> Nobody has said anything about forcing you to use Yarrow, have they ?
If FreeBSD delivers with it, it will get used.
I think Kris has a valid concern. If I assume that I will get good
randomness from /dev/random, and I don't, there is potential danger.
Assume I want to encrypt a message by XOR'ing with randomness.
If I then exchange my keys securely, the message is uncrackable.
With the current approach it has a 256bits key. This is, in my eyes, not
good. Although yarrow is nice, It's suited for any kind of key
generation.
> I have not seen any new information in the last N emails from you.
This is because his concerns aren't addressed yet.
CU,
Sec
--
Das Usenet ist so ein wunderbares, aber zerbrechliches Medium und so viele
treten es so in den Dreck und machen es unbenutzbar - sei es durch Absicht
oder Gedankenlosigkeit, was vom Ergebnis das gleiche ist. -- Bettina Fink
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007231253.OAA28448>