Date: Sat, 22 Jul 2000 11:31:43 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: Mark Murray <mark@grondar.za>, current@FreeBSD.ORG Subject: Re: randomdev entropy gathering is really weak Message-ID: <3979BE5F.9FADF58A@vangelderen.org> References: <Pine.BSF.4.21.0007220111430.10998-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote:
>
> On Sat, 22 Jul 2000, Mark Murray wrote:
>
> > Lots of references: Schneier's "Applied Cryptography" talks about
> > using Good Hashes for crypto and Good Crypto for hashes. Schneier's
> > site at www.counterpane.com will give you plenty.
>
> I havent been able to get my hands on Applied Cryptography, but I don't
> recall seeing anything like this on the website. I'll check again.
>
> > The differnce with the old system and Yarrow is yarrow's self-recovery
> > property; Yarrow screens its internal state from the ouside world
> > very heavily, and provides enough perturbation of it from its
> > copious :-) entropy harvesting to keep the state safe from compromise.
>
> Yeah, I know all this and agree that Yarrow makes a better /dev/urandom,
> but it doesn't change the fact that Yarrow-256 is only good for 256 bits
> of entropy between reseeding operations. You can pull all you want out of
> it but will never get more than 256 bits until it reseeds.
You don't care in practice, 256 bits are unguessable.
If you do care, you load a different random module :-)
Cheers,
Jeroen
--
Jeroen C. van Gelderen o _ _ _
jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_)
_< \_ _>(_) (_)/<_ \_| \ _|/' \/
(_)>(_) (_) (_) (_) (_)' _\o_
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3979BE5F.9FADF58A>