On Fri, Oct 01, 2010 at 10:45:30AM +0200, Massimo Lusetti wrote:
> On Wed, 29 Sep 2010 Theo de Raadt <dera...@cvs.openbsd.org> wrote:
> > [Ted Unangst wrote: -- Joachim Schipper]
> > > [/dev/arandom] is more efficient. There is almost always enough entropy
> > > for arandom, and if there isn't, you would have a hard time detecting
> > > that.
> >
> > There is always enough. The generator will keep moving, until it has
>    ^^^^^^^^^^^^^^^^^^^^^^^
>
> Like "64K will be enough for everyone" ? ;) ... please put it in theo.c
No, as in "always enough". (A)RC4 is a pseudorandom generator/stream cipher,
which means[1] that it turns a small chunk of random data into an infinite[2]
stream of (pseudo-)random data.

And if we're going to add stuff to theo.c, I'd be more partial to "oh, but
linux people told you it was the best.", a few messages upthread.

		Joachim

[1] Well, the mathematical object it's instantiating has this property (by
definition). We hope that (A)RC4 does too; so far, nobody has been able to
break (A)RC4 (with modern countermeasures like discarding the first part of
the output.)

[2] For all practical purposes, at least. Like any algorithm with finite
state, (A)RC4 will eventually enter a (long!) cycle. Note that /dev/arandom is
also re-seeded with fresh entropy, so you could indeed consider it infinite.

--
TFMotD: arithmetic (6) - quiz on simple arithmetic
http://www.joachimschipper.nl/
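[Editor's added example, not part of the thread and not OpenBSD's rnd.c or libc arc4random.c.] The three points above (a short seed keys a keystream of any length, the early keystream is discarded, and fresh entropy is stirred into the running state) in a toy arc4random-style generator. The reseeding model (re-running the key schedule over the live permutation) and the 256-byte drop count are illustrative assumptions, not the kernel's actual choices. The second-byte experiment shows why the drop matters: raw RC4 emits a second keystream byte of 0 about twice as often as it should (the Mantin-Shamir bias), and the bias is gone once the early output is thrown away.

```c
/* Toy arc4random-style generator: added illustration, not OpenBSD's code. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DROP_BYTES 256   /* early keystream to discard; illustrative choice */

struct rc4 {
    uint8_t s[256];
    uint8_t i, j;
};

/* RC4 key schedule: permute S under the key bytes.  On the identity
 * permutation this is textbook keying; on a live state it stirs new seed
 * material into the existing permutation (assumed reseeding model). */
static void rc4_mix(struct rc4 *st, const uint8_t *key, size_t keylen)
{
    uint8_t j = 0, t;
    for (int i = 0; i < 256; i++) {
        j = (uint8_t)(j + st->s[i] + key[i % keylen]);
        t = st->s[i]; st->s[i] = st->s[j]; st->s[j] = t;
    }
    st->i = st->j = 0;
}

/* RC4 PRGA: one keystream byte; the 258-byte state is all it ever needs. */
static uint8_t rc4_byte(struct rc4 *st)
{
    uint8_t t;
    st->i = (uint8_t)(st->i + 1);
    st->j = (uint8_t)(st->j + st->s[st->i]);
    t = st->s[st->i]; st->s[st->i] = st->s[st->j]; st->s[st->j] = t;
    return st->s[(uint8_t)(st->s[st->i] + st->s[st->j])];
}

static void rc4_drop(struct rc4 *st, size_t n)
{
    while (n--) (void)rc4_byte(st);
}

/* Key from scratch, then throw away `drop` bytes of early keystream. */
static void rc4_seed(struct rc4 *st, const uint8_t *seed, size_t seedlen, size_t drop)
{
    for (int i = 0; i < 256; i++) st->s[i] = (uint8_t)i;
    rc4_mix(st, seed, seedlen);
    rc4_drop(st, drop);
}

/* Stir fresh entropy into the running generator and drop again. */
static void rc4_reseed(struct rc4 *st, const uint8_t *ent, size_t entlen, size_t drop)
{
    rc4_mix(st, ent, entlen);
    rc4_drop(st, drop);
}

/* First n keystream bytes for a seed (after `drop`); n is unbounded. */
static void rc4_keystream(const uint8_t *seed, size_t seedlen, size_t drop,
                          uint8_t *out, size_t n)
{
    struct rc4 st;
    rc4_seed(&st, seed, seedlen, drop);
    for (size_t k = 0; k < n; k++) out[k] = rc4_byte(&st);
}

/* Known-answer check against the published RC4 vectors for keys "Key" and
 * "Secret" with nothing dropped.  Returns 1 on match. */
static int rc4_kat(void)
{
    static const uint8_t k1[10] = {0xEB,0x9F,0x77,0x81,0xB7,0x34,0xCA,0x72,0xA7,0x19};
    static const uint8_t k2[8]  = {0x04,0xD4,0x6B,0x05,0x3C,0xA8,0x7B,0x59};
    uint8_t a[10], b[8];
    rc4_keystream((const uint8_t *)"Key", 3, 0, a, sizeof a);
    rc4_keystream((const uint8_t *)"Secret", 6, 0, b, sizeof b);
    return memcmp(a, k1, sizeof a) == 0 && memcmp(b, k2, sizeof b) == 0;
}

/* Two generators with the same seed diverge once one is reseeded.  Returns 1. */
static int reseed_changes_stream(void)
{
    struct rc4 p, q;
    uint8_t x[16], y[16];
    rc4_seed(&p, (const uint8_t *)"seed", 4, DROP_BYTES);
    rc4_seed(&q, (const uint8_t *)"seed", 4, DROP_BYTES);
    rc4_reseed(&q, (const uint8_t *)"fresh entropy", 13, DROP_BYTES); /* constructed */
    for (int k = 0; k < 16; k++) { x[k] = rc4_byte(&p); y[k] = rc4_byte(&q); }
    return memcmp(x, y, 16) != 0;
}

/* splitmix64: deterministic source of random-looking keys for the experiment. */
static uint64_t splitmix64(uint64_t *x)
{
    uint64_t z = (*x += 0x9e3779b97f4a7c15ULL);
    z = (z ^ (z >> 30)) * 0xbf58476d1ce4e5b9ULL;
    z = (z ^ (z >> 27)) * 0x94d049bb133111ebULL;
    return z ^ (z >> 31);
}

/* Count keys (out of `trials`) whose second output byte after `drop` is 0.
 * Unbiased output gives about trials/256; raw RC4 gives about twice that. */
static unsigned count_second_byte_zero(size_t drop, unsigned trials)
{
    uint64_t x = 0x1234567890abcdefULL;
    unsigned hits = 0;
    for (unsigned t = 0; t < trials; t++) {
        uint8_t key[16], out[2];
        for (int k = 0; k < 16; k += 8) {
            uint64_t v = splitmix64(&x);
            memcpy(key + k, &v, 8);
        }
        rc4_keystream(key, sizeof key, drop, out, 2);
        if (out[1] == 0) hits++;
    }
    return hits;
}

int main(void)
{
    printf("known-answer vectors: %s\n", rc4_kat() ? "ok" : "MISMATCH");
    printf("reseed changes stream: %s\n", reseed_changes_stream() ? "yes" : "no");
    printf("2nd byte == 0 over 65536 keys (ideal 256): raw %u, after dropping %d bytes %u\n",
           count_second_byte_zero(0, 65536), DROP_BYTES,
           count_second_byte_zero(DROP_BYTES, 65536));
    return 0;
}
```

The thresholds in the bias experiment are deliberately loose (ideal 256, raw RC4 about 512 over 65536 keys), so the result is unambiguous on any run.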