Date:      Sat, 22 Jul 2000 01:14:30 -0700 (PDT)
From:      Kris Kennaway <kris@FreeBSD.org>
To:        Mark Murray <mark@grondar.za>
Cc:        current@FreeBSD.org
Subject:   Re: randomdev entropy gathering is really weak 
Message-ID:  <Pine.BSF.4.21.0007220111430.10998-100000@freefall.freebsd.org>
In-Reply-To: <200007220804.KAA05467@grimreaper.grondar.za>

On Sat, 22 Jul 2000, Mark Murray wrote:

> Lots of references: Schneier's "Applied Cryptography" talks about
> using Good Hashes for crypto and Good Crypto for hashes. Schneier's
> site at www.counterpane.com will give you plenty.

I haven't been able to get my hands on Applied Cryptography, but I don't
recall seeing anything like this on the website. I'll check again.

> The difference with the old system and Yarrow is Yarrow's self-recovery
> property; Yarrow screens its internal state from the outside world
> very heavily, and provides enough perturbation of it from its
> copious :-) entropy harvesting to keep the state safe from compromise.

Yeah, I know all this and agree that Yarrow makes a better /dev/urandom,
but it doesn't change the fact that Yarrow-256 is only good for 256 bits
of entropy between reseeding operations. You can pull all you want out of
it but will never get more than 256 bits until it reseeds.

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <forsythe@alum.mit.edu>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
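The bound Kris states above, that a Yarrow-style generator cannot deliver more entropy than its internal state holds until it reseeds, can be made concrete by enumerating every possible state. The script below is an added example and is not code from the thread or from FreeBSD's randomdev; it uses SHA-256 in counter mode as a stand-in for Yarrow's block cipher and shrinks the state to a hypothetical 12 bits so that all 4096 states can be enumerated. Drawing 64 bytes (512 bits) per state still yields only 4096 distinct output streams, and an attacker who knows the design recovers the state from a single output block by brute force.

```python
import hashlib

# Toy state size. Yarrow-256 keys its block cipher with 256 bits; 12 is chosen
# here only so that exhaustive enumeration finishes in well under a second.
SEED_BITS = 12


def seed_bytes(seed: int) -> bytes:
    """Fixed-width encoding of an integer state, so states never collide."""
    return seed.to_bytes(4, "big")


def generate(seed: bytes, nbytes: int) -> bytes:
    """Counter-mode generator keyed by `seed`.

    SHA-256(seed || counter) stands in for the block cipher a Yarrow
    generator runs in counter mode. Everything the caller reads is a
    deterministic function of `seed`, however many bytes are requested.
    """
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:nbytes]


def distinct_output_streams(seed_bits: int, nbytes: int) -> int:
    """Count distinct `nbytes`-long outputs over every possible state.

    The result is at most 2**seed_bits no matter how large `nbytes` is,
    which is exactly the 'no more than the state size between reseeds'
    limit being discussed.
    """
    seen = set()
    for s in range(1 << seed_bits):
        seen.add(generate(seed_bytes(s), nbytes))
    return len(seen)


def output_entropy_upper_bound(seed_bits: int, nbytes: int) -> int:
    """Entropy (bits) of the output is bounded by both state and length."""
    return min(seed_bits, 8 * nbytes)


def recover_seed(first_block: bytes, seed_bits: int) -> int:
    """Brute-force the state from one 32-byte output block.

    Cost is 2**seed_bits hash calls: trivial for 12 bits, infeasible for
    256, which is why the bound is a design limit rather than a practical
    attack on Yarrow-256 itself.
    """
    for s in range(1 << seed_bits):
        if generate(seed_bytes(s), 32) == first_block[:32]:
            return s
    raise ValueError("no state produces this block")


def reseed(seed: bytes, fresh_entropy: bytes) -> bytes:
    """Mix harvested entropy into the state; only this raises the bound."""
    return hashlib.sha256(seed + fresh_entropy).digest()


if __name__ == "__main__":
    streams = distinct_output_streams(SEED_BITS, 64)
    print(f"{SEED_BITS}-bit state, 512 bits drawn: {streams} distinct streams")
    print(f"entropy upper bound: {output_entropy_upper_bound(SEED_BITS, 64)} bits")
    victim = generate(seed_bytes(1234), 64)
    print("recovered state:", recover_seed(victim, SEED_BITS))
```

Running it prints 4096 distinct streams and an entropy bound of 12 bits even though 512 bits were drawn, and recovers state 1234 from the first block; the same argument with SEED_BITS = 256 gives Kris's figure, and only `reseed` with fresh harvested entropy moves it.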
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007220111430.10998-100000>