On Fri, Aug 16, 2013 at 11:42 AM, Tony Arcieri <basc...@gmail.com> wrote:
> On Fri, Aug 16, 2013 at 6:32 AM, shawn wilson <ag4ve...@gmail.com> wrote:
>
>> I thought that decent crypto programs (openssh, openssl, tls suites)
>> should read from random so they stay secure and don't start generating
>> /insecure/ data when entropy runs low.
>
> This presumes that urandom is somehow more "insecure", which is not the
> case despite the ancient scare-language in the manpage. The security of all
> stream ciphers rests in secure CSPRNGs. Meanwhile, /dev/random is not
> robust:
>
> https://cs.nyu.edu/~dodis/ps/rng.pdf
>
> --
> Tony Arcieri

Not for nothing, but that refers to both random and urandom, showing one problem with the entropy estimation, and another with the pool mixing function.
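Tony's point that "the security of all stream ciphers rests in secure CSPRNGs" is easy to see with a small deterministic generator. The following is an added illustration, not code from anyone in this thread: a minimal HMAC_DRBG in the style of NIST SP 800-90A (SHA-256; no personalization string, no reseed-interval enforcement, so treat it as a teaching model rather than a production DRBG). It is seeded once with 32 bytes from os.urandom and then expanded to arbitrary length; there is no "entropy counter" to run low, which is exactly the behaviour /dev/urandom has once the kernel pool is seeded. A second generator with the same seed reproduces the stream, which is also what makes it usable as a stream-cipher keystream, and reseeding with fresh input makes the two diverge. The class and function names here are my own.

```python
import hashlib
import hmac
import os


class HmacDrbg:
    """Minimal HMAC_DRBG (SHA-256) in the shape of NIST SP 800-90A.

    Simplified teaching model: no personalization string, no additional
    input on generate, and no reseed-interval enforcement.
    """

    OUTLEN = 32  # SHA-256 digest length in bytes

    def __init__(self, seed: bytes):
        self.key = b"\x00" * self.OUTLEN
        self.value = b"\x01" * self.OUTLEN
        self._update(seed)          # Instantiate: absorb the seed
        self.reseed_counter = 1

    @staticmethod
    def _prf(key: bytes, data: bytes) -> bytes:
        return hmac.new(key, data, hashlib.sha256).digest()

    def _update(self, provided: bytes = b"") -> None:
        # HMAC_DRBG_Update: mix optional provided data into (K, V)
        self.key = self._prf(self.key, self.value + b"\x00" + provided)
        self.value = self._prf(self.key, self.value)
        if provided:
            self.key = self._prf(self.key, self.value + b"\x01" + provided)
            self.value = self._prf(self.key, self.value)

    def reseed(self, entropy: bytes) -> None:
        # Reseed: fold fresh entropy into the state; output diverges from
        # any generator that was previously in lock-step with this one.
        self._update(entropy)
        self.reseed_counter = 1

    def generate(self, nbytes: bytes) -> bytes:
        # HMAC_DRBG_Generate: iterate V = HMAC(K, V) and emit the chain.
        # Any amount of output can be produced from the same 32-byte seed;
        # nothing is "used up" the way an entropy estimate would be.
        out = bytearray()
        while len(out) < nbytes:
            self.value = self._prf(self.key, self.value)
            out += self.value
        self._update()              # backtracking resistance step
        self.reseed_counter += 1
        return bytes(out[:nbytes])


def keystream_xor(seed: bytes, data: bytes) -> bytes:
    """Stream-cipher view: XOR data with DRBG output derived from seed.

    Applying it twice with the same seed recovers the data, which is the
    sense in which a stream cipher is just a CSPRNG plus XOR.
    """
    stream = HmacDrbg(seed).generate(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def expansion_check(seed: bytes, nbytes: int = 1 << 20) -> int:
    """Produce nbytes (default 1 MiB) from one 32-byte seed.

    Returns the number of bytes produced, to make the point that output
    volume is unbounded by the seed size.
    """
    return len(HmacDrbg(seed).generate(nbytes))


if __name__ == "__main__":
    seed = os.urandom(32)                     # the only entropy we ever need
    print("expanded bytes:", expansion_check(seed))
    msg = b"constructed sample plaintext"
    ct = keystream_xor(seed, msg)
    print("roundtrip ok:", keystream_xor(seed, ct) == msg)
```

The two generators in lock-step are deliberate: determinism given the seed is the property that makes the construction a stream cipher, and it is why the seed (not the volume of output) is what has to be protected and why the kernel only needs to be seeded once for urandom output to be sound.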
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography