Date: Thu, 08 Jun 2000 21:05:53 -0400 From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Mark Murray <mark@grondar.za> Cc: arch@FreeBSD.ORG, bde@FreeBSD.ORG, dfr@FreeBSD.ORG, pkh@FreeBSD.ORG Subject: Re: (3rd iteration) New /dev/(random|null|zero) - review, please Message-ID: <394042F1.7CDDC16D@vangelderen.org> References: <200006082058.WAA01487@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Mark Murray wrote: > > (Some more improvements have been done - 3rd iteration) > > Hi > > I have finished doing a MI /dev/null and /dev/zero, and I have got a > new /dev/random. I'm looking for reviewers. > > The code is in http://freefall.freebsd.org/~markm/. There is a tar > file and diffs (all for the sys/ area). Some other supplementary patches > are needed in userland, these are not included. > > I like to think that this is a commit candidate. Please review as such. I think you should wait until Yarrow is ready and actually gathers entropy. The /dev/[null|zero] bits should go in though. [...] > o Much better module system (no SYSINIT, rather DEV_MODULE). Thanks. > o In anticipation of different cryptosystems, use Blowfish instead > of SHA1/DES3. I am open to the use of other algorithms; I used > Blowfish because 1) its already in the kernel and 2) _I_ have > not yet seen a decent cryptanalysis of it. (This may change) The rule generally is: if there is no decent cryptanalysis, don't use the algorithm; Not the other way around. I pointed out in an earlier email that Blowfish has very low key agility and as such is not a good candidate for Yarrow because there is a factor 53(!) overhead for each block you output. If you want to use an algorithm that's already in the kernel, use CAST5. An alternative is to import one of the 5 AES finalists and use it for the time being (on the premise that AES will go into the kernel when it's chosen). AES candidates have a 128-bit blocksize which is better than 64 in this case. This would be my recommendation. Cheers, Jeroen -- Jeroen C. van Gelderen o _ _ _ jeroen@vangelderen.org _o /\_ _ \\o (_)\__/o (_) _< \_ _>(_) (_)/<_ \_| \ _|/' \/ (_)>(_) (_) (_) (_) (_)' _\o_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?394042F1.7CDDC16D>