Date: Sun, 18 Aug 2013 14:50:30 -0700
From: "Simon J. Gerraty" <sjg@juniper.net>
To: Mark R V Murray <mark@grondar.org>
Cc: Tim Kientzle <tim@kientzle.com>, FreeBSD-arch Arch <freebsd-arch@freebsd.org>, secteam@freebsd.org, des@des.no
Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion
Message-ID: <20130818215030.F172658097@chaos.jnpr.net>
In-Reply-To: <F908BF80-538B-4363-ACCC-3D860CBEE359@grondar.org>
References: <20130807183112.GA79319@dragon.NUXI.org> <86pptfnu33.fsf@nine.des.no>
 <20130815231713.GD76666@x96.org> <20130816002625.GE76666@x96.org>
 <9B274F48-0C88-4117-BEAC-1A555772A3C5@grondar.org> <86a9kf733d.fsf@nine.des.no>
 <0C97B866-A169-4141-8368-AA7F5B5382F4@grondar.org> <861u5r71zi.fsf@nine.des.no>
 <892B11BD-396D-4F82-B97C-753F72CA494D@grondar.org> <86r4dr5j3p.fsf@nine.des.no>
 <4C1BD77C-8C6B-4044-9285-5978A3BC4B70@kientzle.com> <537622E1-F785-4BFA-B829-09DCDB484606@grondar.org>
 <932AB5CA-778E-438D-8FD3-8C0F29F3D117@kientzle.com> <F908BF80-538B-4363-ACCC-3D860CBEE359@grondar.org>

On Sun, 18 Aug 2013 21:02:46 +0100, Mark R V Murray writes:
>On 18 Aug 2013, at 20:27, Tim Kientzle <tim@kientzle.com> wrote:
>> My key claims:
>> * Entropy mixers such as Yarrow, Fortuna, or
>>   passthrough are different from entropy sources.
>>   Mixers specify how /dev/random is generated from
>>   available entropy.
>
>Yes! I think this is a key point.

One of the problems we face dealing with NSA (or perhaps more accurately labs representing them) etc, is that they want us to be able to provide and substantiate claims of entropy *out* of /dev/random.

We can "measure" and analyze the entropy going *into* a mixer like Yarrow, but it is hard to make assertions about the output beyond "if I collected N bits of entropy I cannot output more than that". (it wouldn't be doing a good job of mixing if you could).

I suspect this is a key driver for the plugin arrangement - being able to address NSA concerns by using a PRNG of and in a manner of their choosing.

Describing Yarrow/Fortuna as entropy "mixers" (or conditioning functions) rather than entropy "sources" might help.
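
The input-versus-output accounting described in the message above, as an added example that is not part of the original message or of FreeBSD's random(4) code: it estimates the min-entropy of raw samples with the most-common-value estimator from NIST SP 800-90B and caps what can be credited to the conditioned output at the amount that went in. SHA-256 stands in for the mixer (it is not Yarrow or Fortuna), and all names and sample data are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

OUT_BITS = 256  # SHA-256 digest size; stand-in for the mixer's output block


def mcv_min_entropy(samples):
    """SP 800-90B most-common-value estimate, in bits per sample."""
    n = len(samples)
    if n < 2:
        raise ValueError("need at least two samples")
    p_hat = Counter(samples).most_common(1)[0][1] / n
    # Upper end of a 99% confidence interval on the most likely value.
    p_u = min(1.0, p_hat + 2.576 * math.sqrt(p_hat * (1 - p_hat) / (n - 1)))
    return 0.0 if p_u >= 1.0 else -math.log2(p_u)


def condition(samples):
    """Hypothetical mixer: compress all input samples into one block."""
    return hashlib.sha256(bytes(samples)).digest()


def creditable_bits(samples):
    """Entropy that can be claimed for the output: never more than went in."""
    return min(mcv_min_entropy(samples) * len(samples), float(OUT_BITS))


# Constructed inputs (byte-valued samples), not measurements of real hardware.
STUCK = [7] * 64                   # a source that always returns the same value
SHORT = list(range(16))            # 16 samples, each value seen once
LONG = list(range(256)) * 16       # 4096 samples, flat histogram

if __name__ == "__main__":
    for name, s in (("stuck", STUCK), ("short", SHORT), ("long", LONG)):
        print(f"{name:5s} in={len(s) * 8:6d} raw bits  "
              f"out={len(condition(s)) * 8} bits  "
              f"creditable={creditable_bits(s):6.1f} bits")
```

The output block is always 256 bits, but only the "long" input justifies crediting it with 256 bits. The estimator looks at value frequencies only, so a plain counter like `LONG` scores well despite being predictable, which is why SP 800-90B takes the minimum over several estimators rather than relying on one.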