Re: randomdev entropy gathering is really weak

[Kris Kennaway]

On Sat, 22 Jul 2000, Mark Murray wrote:

> Lots of references: Schneier's "Applied Cryptography" talks about
> using Good Hashes for crypto and Good Crypto for hashes. Schneier's
> site at www.counterpane.com will give you plenty.

I havent been able to get my hands on Applied Cryptography, but I don't
recall seeing anything like this on the website. I'll check again.

> The differnce with the old system and Yarrow is yarrow's self-recovery
> property; Yarrow screens its internal state from the ouside world
> very heavily, and provides enough perturbation of it from its
> copious :-) entropy harvesting to keep the state safe from compromise.

Yeah, I know all this and agree that Yarrow makes a better /dev/urandom,
but it doesn't change the fact that Yarrow-256 is only good for 256 bits
of entropy between reseeding operations. You can pull all you want out of
it but will never get more than 256 bits until it reseeds.

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
    -- Charles Forsythe <[EMAIL PROTECTED]>




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message