From: Bruce M Simpson
Date: Sat, 10 Apr 2004 09:27:05 +0100
To: Mark Murray
Cc: Nate Lawson, cvs-src@FreeBSD.ORG, src-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar

On Fri, Apr 09, 2004 at 07:34:44PM +0100, Mark Murray wrote:
> Nate Lawson writes:
> > This is a huge mistake. At the very minimum, I take it you never read our
> > paper.
> >
> > http://www.cryptography.com/resources/whitepapers/index.html
>
> Actually, I have. I read it again, now, to be sure. Nothing it says
> suggests that what I did here is a "huge mistake". Nearest I get is
> the suggestion that the output from the on-chip RNG is used as a source
> for a hash function (like Yarrow). I feel that is overkill, and that
> the output of the on-chip RNG is sufficient.

I'm inclined to trust your judgement here on this, Mark, but Nate does have
a valid point; we need to be sure that the entropy sources are of sufficiently
high quality or we risk compromising the system.

If you could cite some independent tests for the VIA C3 on-chip RNG that
would be very helpful to all.

Regards,
BMS