Ben Laurie writes:
> > My proposed solution is intended to address, if not solve that
> > problem, by preventing file writes from filling up the harvest
> > queue. Yarrow already has pretty good data hashing; there is no
> > point in duplicating that.
>
> Fine: then when the queue fills, run the Yarrow algorithm.

I can certainly trigger a reseed at will, but allowing external writes
to overwhelm the system by doing a

$ cat /dev/zero > /dev/random

... just ain't gonna happen. No, sir.

> If not, then whatever you run instead must also be sound. XOR isn't.

You have a way to go before you convince me on this one. I'll buy this
argument if it is a routine/regular/risky occurrence that the output of
(say)

$ ( ps -gauxwww ; netstat -arn ; sysctl -ao ) | gzip | ...

... can be demonstrated to have insignificant entropy when harvested
using my proposed method.

BTW - you may want to actually see the method.

> > Note that I have already agreed that external preconditioning of
> > the data is a good idea; I like the idea of compression and some
> > external hashing (but not the speed of these during boot).
>
> I don't, because you can't rely on it. That is, I'm not against it,
> but we can't rely on it.

You have to rely on something; Yarrow needs some entropy to cold-start,
and on a freshly installed OS, this is rocking-horse shit. This is where
BIG problems start because it is at this time that (eg) SSH keys are
built. We make some effort to get the user to "keyboard bash", but
experience has shown that annoyed users screw up, and annoyed engineers
are often worse. On a properly shut-down box this is better-controlled
as entropy can be cached for restart.

What we have works; but for reasons discussed is imperfect. Proposed
fixes make it better. Perfection will always be asymptotically
unattainable.

M
--
Mark R V Murray
Pi: 132511160