Date: Sat, 10 Apr 2004 14:40:12 -0400 From: Richard Coleman <richardcoleman@mindspring.com> To: Mark Murray <mark@grondar.org> Cc: cvs-src@FreeBSD.ORG Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random randomdev.h randomdev_soft.c randomdev_soft.h yar Message-ID: <40783F8C.1010704@mindspring.com> In-Reply-To: <200404100854.i3A8sa0w066414@grimreaper.grondar.org> References: <200404100854.i3A8sa0w066414@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray wrote: > Bruce M Simpson writes: > >>>>http://www.cryptography.com/resources/whitepapers/index.html >>> >>>Actually, I have. I read it again, now, to be sure. Nothing it says >>>suggests that what I did here is a "huge mistake". Nearest I get is >>>the suggestion that the output from the on-chip RNG is used as a >>>source for a hash function (like Yarrow). I feel that is overkill, >>>and that the output of the on-chip RNG is sufficient. >> >>I'm inclined to trust your judgement here on this, Mark, but Nate does >>have a valid point; we need to be sure that the entropy sources are of >>sufficiently high quality or we risk compromising the system. >> >>If you could cite some independent tests for the VIA C3 on-chip RNG >>that would be very helpful to all. > > > How about Nate's paper? It gives the VIA C3 a very high assessment WRT > the quality of the entropy delivered. > > If it is felt that further whitening of the VIA C3 RNG is needed, > then I believe that Yarrow would be overkill, and that a much smaller > hash function will be sufficient. > > M > -- > Mark Murray What do you have in mind? AES is already one of the faster ciphers around. You could reduce the number of rounds used for AES, but it would be hard to estimate the cryptographic strength. Richard Coleman richardcoleman@mindspring.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?40783F8C.1010704>