Date: Mon, 17 Jul 2000 08:15:53 +0200 From: Mark Murray <mark@grondar.za> To: Kris Kennaway <kris@FreeBSD.org> Cc: current@FreeBSD.org Subject: Re: randomdev entropy gathering is really weak Message-ID: <200007170615.IAA05906@grimreaper.grondar.za> In-Reply-To: <Pine.BSF.4.21.0007161454540.85469-100000@freefall.freebsd.org> ; from Kris Kennaway <kris@FreeBSD.org> "Sun, 16 Jul 2000 15:00:44 MST." References: <Pine.BSF.4.21.0007161454540.85469-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> ssh-keygen should just block until it gets enough - this is not acceptable > behaviour if /dev/urandom is returning unseeded data. OpenSSL uses > /dev/urandom at the moment - I just read a comment in md_rand.c that using > /dev/random may block, which I didn't think was true. > > On the other hand, doing a dd if=/dev/random of=/dev/null gives me > infinite "randomness" at 10MB/sec - have the semantics of /dev/random > changed? Yes; remember that what we have here is Yarrow algorithm; which is an algorithm for cryptographically secure PRNG - one whose internal state is unguessable, or if compromised folr some reason is self-recovering. "Infinite" randomness is possible with this algorithm. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007170615.IAA05906>