Date: Sat, 10 Apr 2004 09:27:05 +0100 From: Bruce M Simpson <bms@spc.org> To: Mark Murray <mark@grondar.org> Cc: Nate Lawson <nate@root.org> Subject: Re: cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar Message-ID: <20040410082705.GR710@empiric.dek.spc.org> In-Reply-To: <200404091834.i39IYi0w060497@grimreaper.grondar.org> References: <20040409103618.A48723@root.org> <200404091834.i39IYi0w060497@grimreaper.grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--/0U0QBNx7JIUZLHm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 09, 2004 at 07:34:44PM +0100, Mark Murray wrote: > Nate Lawson writes: > > This is a huge mistake. At the very minimum, I take it you never read = our > > paper. > >=20 > > http://www.cryptography.com/resources/whitepapers/index.html >=20 > Actually, I have. I read it again, now, to be sure. Nothing it says > suggests that what I did here is a "huge mistake". Nearest I get is > the suggestion that the output from the on-chip RNG is used as a source > for a hash function (like Yarrow). I feel that is overkill, and that > the output of the on-chip RNG is sufficient. I'm inclined to trust your judgement here on this, Mark, but Nate does have a valid point; we need to be sure that the entropy sources are of sufficien= tly high quality or we risk compromising the system. If you could cite some independent tests for the VIA C3 on-chip RNG that would be very helpful to all. Regards, BMS --/0U0QBNx7JIUZLHm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: '' iD8DBQFAd6/YueUpAYYNtTsRAhkPAKCHp6NtcC7mWjjlPrqoNDTQyhu9UwCff4Nc cu7PwaXin8UC47D/l/LHMb0= =WViR -----END PGP SIGNATURE----- --/0U0QBNx7JIUZLHm--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040410082705.GR710>