From owner-freebsd-hackers@FreeBSD.ORG Mon Apr 21 10:48:35 2008
Return-Path: 
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 22A8F106566B for ; Mon, 21 Apr 2008 10:48:35 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru)
Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id CA5128FC17 for ; Mon, 21 Apr 2008 10:48:34 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru)
DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=U37iQCmFA/lzbdZE+eN/p21bHeqFYRBZDGpCYtmNaWF7kmrsFL5MYCTODDDrXintdWzkpJGwR7KuErVIoEeYBJpOdMqTrcZ4FA7AxDuY4Vqry/tlYBk/7NZNdt8PMqLJM71zueklk2UdgVEBMzl4XpFQgM/kvE2auCQ1VJuA60o=;
Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1JntZX-000Gf5-Po; Mon, 21 Apr 2008 14:48:31 +0400
Date: Mon, 21 Apr 2008 14:48:30 +0400
From: Eygene Ryabinkin
To: RW
Message-ID: 
References: <20080419175655.51a37bb2@gumby.homeunix.com.> <20080420183135.78b8c710@gumby.homeunix.com.>
MIME-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20080420183135.78b8c710@gumby.homeunix.com.>
Sender: rea-fbsd@codelabs.ru
X-Spam-Status: No, score=-1.7 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_50
Cc: freebsd-hackers@freebsd.org
Subject: Re: Yarrow's Counter
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
List-Unsubscribe: ,
List-Archive: 
List-Post: 
List-Help: 
List-Subscribe: ,
X-List-Received-Date: Mon, 21 Apr 2008 10:48:35 -0000

Good day.
Sun, Apr 20, 2008 at 06:31:35PM +0100, RW wrote:
> > this modification seems not to help anything,
>
> It possibly doesn't help with an attack against Yarrow itself, but it
> means that 512 bits of entropy, rather than 256 bits, can be read-out
> from /dev/random.

The only source of entropy is the entropy pool. The key and the counter are both derived from this pool, so if you concatenate two 256-bit values you will not gain more entropy.

Consider the following case: you have only two input values that are fed to you by the pool. And then you're doing whatever you want to generate the key and the counter: hash something, encrypt something, etc. The resulting entropy will be no more than one bit (if there are no additional sources of randomness and the algorithm is known): you should just test the two input values to get the possible key and counter spaces.

Am I missing something?
-- 
Eygene
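The point made in the reply above, as an added illustration that is not part of Eygene's message or of FreeBSD's Yarrow implementation: a key and a counter that are both deterministic functions of one pool state carry, jointly, no more entropy than the pool state itself, however long their concatenation is. The derivation below (SHA-256 under two hypothetical domain labels) is an assumption chosen for the example, not Yarrow's actual key/counter derivation; the pool states are constructed inputs.

```python
import hashlib
import math
from collections import Counter


def derive_key_and_counter(pool_state: bytes) -> bytes:
    """Derive a 256-bit key and a 256-bit counter from a single pool state.

    Hypothetical derivation for illustration: two SHA-256 hashes under
    distinct labels.  Any deterministic, publicly known derivation gives
    the same entropy bound, which is the reply's point.
    """
    key = hashlib.sha256(b"key:" + pool_state).digest()
    counter = hashlib.sha256(b"counter:" + pool_state).digest()
    return key + counter  # 64 bytes = 512 bits of output


def shannon_entropy_bits(samples) -> float:
    """Shannon entropy, in bits, of the empirical distribution of samples."""
    counts = Counter(samples)
    total = sum(counts.values())
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def joint_entropy_of_outputs(pool_states) -> float:
    """Entropy of (key || counter) when the pool state is uniform over pool_states.

    Each state is equally likely, so the entropy of the 512-bit output is
    bounded by log2(number of states), not by the output length.
    """
    outputs = [derive_key_and_counter(s) for s in pool_states]
    return shannon_entropy_bits(outputs)


def output_bits(pool_state: bytes) -> int:
    """Length in bits of the concatenated key and counter."""
    return len(derive_key_and_counter(pool_state)) * 8


if __name__ == "__main__":
    # Constructed example: a pool that can only be in one of two states.
    two_states = [b"\x00", b"\x01"]
    print("output length (bits):", output_bits(two_states[0]))          # 512
    print("joint entropy (bits):", joint_entropy_of_outputs(two_states)) # 1.0

    # Sixteen possible states: still only 4 bits, whatever the output size.
    sixteen_states = [bytes([i]) for i in range(16)]
    print("joint entropy (bits):", joint_entropy_of_outputs(sixteen_states))  # 4.0
```

The output is 512 bits wide in every case, but with two equiprobable pool states its entropy is exactly one bit, and with sixteen it is four: concatenating the key and the counter changes the width of what `/dev/random` hands out, not how much of it is unpredictable.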