Re: randomdev entropy gathering is really weak

[Stefan `Sec` Zehl]

On Sun, Jul 23, 2000 at 03:06:34PM +0200, Poul-Henning Kamp wrote:
> In message <[EMAIL PROTECTED]>, Stefan `Sec` Zehl writes:
> >With the current approach it has a 256bits key. This is, in my eyes, not
> >good. Although yarrow is nice, It's suited for any kind of key
> >generation.
> 
> The first law of crypto clearly states: "Know what you're doing".
> 
> There is no way around that law.
> 
> We cannot load down FreeBSD with impossibly heavy computations to
> cater for any and all conceiveable application of random numbers.

But FreeBSD should provide a way to get truely random numbers when it
asks for them. /dev/random was invented so the applications don't have
to bother with entropy-gathering. I agree that yarrow is good, but we
need some way to get really random numbers. Maybe call it /dev/rrandom.
The way Kris describes it, it won't really use cpu time until it is
read. 

CU,
    Sec
-- 
> I even remember having a private exchange of messages with you about other
> possible approaches to that problem. :-)
Hopefully, these approaches involved slowly crushing of tender body parts.
                                    -- Liviu & Wietse about broken Mailers
~


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message