Mind running the timings with the legacy interfaces as well? We may
determine that the speed benefits are outweighed by the risks and
complexities of an older API, but it would be good to have the data so we
can make an informed decision.
https://www.openssl.org/docs/man1.0.2/crypto/md5.html
http
While I cannot speak specifically to NTP, SHA (without any suffix) has been
used on other contexts to mean SHA-1. I've also never encountered SHA-0
being used in any standard. So, if NTP is actually using it and it's not
just a misunderstanding, that would be a first for me. I suspect it is
SHA-1 t
If you are deeply concerned with speed, the older (less recommended)
interfaces for MD5 and SHA1 in OpenSSL are faster than the newer EVP
interface. (I don't have the numbers in front of me, but you may want to do
some benchmarking to see if you care.)
https://www.openssl.org/docs/man1.0.1/crypto/
Gary,
On Fri, Jan 6, 2017 at 4:48 PM Gary E. Miller wrote:
> ...
> Unless you believe, as many do, that RDRAND is backdoored.
>
> FeeBSD refuses to use RDRAND:
>
>
> http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/
>
> OTOH, The Exa
Gary,
On Fri, Jan 6, 2017 at 12:34 PM Gary E. Miller wrote:
> Yo Greg!
>
> On Fri, 06 Jan 2017 05:52:29 +0000
> Greg Rubin wrote:
>
> > I'm still very interested in reading your longer response to my
> > comments regarding entropy and key generation. This is so
Very weird. Especially as I don't actually make changes which should cause
the errors you provided.
$ pyflakes ntpkeygen
$ pyflakes ntpkeygen.new
$ diff -u ntpkeygen ntpkeygen.new
--- ntpkeygen 2017-01-04 17:50:18.051264022 +
+++ ntpkeygen.new 2017-01-04 17:50:08.367264001 +
@@ -88
