From owner-freebsd-security@FreeBSD.ORG  Tue Sep 11 20:09:27 2012
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 664)
	id 104F11065672; Tue, 11 Sep 2012 20:09:27 +0000 (UTC)
Date: Tue, 11 Sep 2012 13:09:26 -0700
From: David O'Brien <obrien@FreeBSD.org>
To: RW <rwmaillists@googlemail.com>
Message-ID: <20120911200925.GA88456@dragon.NUXI.org>
References: <50453686.9090100@FreeBSD.org>
	<20120904220754.GA3643@server.rulingia.com>
	<20120906174247.GB13179@dragon.NUXI.org>
	<20120906230157.5307a21f@gumby.homeunix.com>
	<20120906224703.GD89120@x96.org> <50493480.8060307@FreeBSD.org>
	<20120911061530.GA77399@dragon.NUXI.org>
	<504EDC67.9070700@FreeBSD.org> <86sjao7q8c.fsf@ds4.des.no>
	<20120911205302.27484fd6@gumby.homeunix.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=unknown-8bit
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20120911205302.27484fd6@gumby.homeunix.com>
X-Operating-System: FreeBSD 10.0-CURRENT
X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger?
User-Agent: Mutt/1.5.20 (2009-06-14)
Cc: Arthur Mesh <arthurmesh@gmail.com>,
	Ian Lepore <freebsd@damnhippie.dyndns.org>,
	Doug Barton <dougb@FreeBSD.org>, freebsd-rc@freebsd.org,
	freebsd-security@freebsd.org,
	Dag-Erling =?unknown-8bit?Q?Sm=F8rgrav?= <des@des.no>
Subject: Re: svn commit: r239569 - head/etc/rc.d
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: obrien@freebsd.org
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Sep 2012 20:09:27 -0000

On Tue, Sep 11, 2012 at 08:53:02PM +0100, RW wrote:
> On Tue, 11 Sep 2012 13:28:51 +0200 Dag-Erling Smørgrav wrote:
> > so none of it is discarded.  My gut feeling is that compression is
> > better than hashing for that purpose,
> 
> It's analogous to a passphrase, have you ever heard of a
> passphrase being compressed rather than hashed? 
> 
> The only good reason for compression is if compression+hashing is
> faster than hashing, and that sounds unlikely.

Good to see someone have thoughts on this.
I've only seen it stated that entropy passes thru mostly "untouched" thru
a cryptographic hash in the literature.  I haven't seen anything mentioned
about entropy thru a compression algorithm other than as an estimation
of entropy.


> You all seem to be making very heavy weather of this - all that's needed
> is to pass the low-grade stuff through a hash of your choice and then
> follow that with the entropy file to fill-up the remaining 4k.

Or fill-up the 4k buffers with high-quality entropy, and add in the
low-grade stuff if there is room.

-- 
-- David  (obrien@FreeBSD.org)