> Don Davis <[EMAIL PROTECTED]> writes:
> > perhaps surprisingly, i disagree with the other
> > respondents. as long as you encrypt or MAC the
> > incoming packets (& their interarrival times),
> > with a closely-guarded secret key, before you
> > stuff the bits into your entropy pool, then you
> > should do fine.
>
> Eh? You should *never* need to encrypt information before shoving
> it in the pool. If you've got a secret you could use for such
> encryption, shove it in the pool and then forget about it - it will do
> precisely as much good.

I'm inclined to agree with Don here, from principles of conservative
cryptographic engineering. By using a keyed one-way function before
adding data to the pool, you add an additional layer of defense
against an attacker guessing the pool contents.
[The /dev/random designs I've played with typically have a "pre" pool
for efficient accumulation of samples at interrupt level or similar
inconvenient times, and a "real" pool, with the encryption/one-way
hash occurring when the samples are added to the real pool.]
- Bill
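
Added example, not part of the original message: a Python sketch of the two-stage design described above, where samples accumulate in a "pre" pool and are folded into the "real" pool through a keyed one-way function. The class name, pool sizes, the choice of HMAC-SHA256 as the keyed function, and the sample packets are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct


class TwoStagePool:
    """Hypothetical "pre" pool feeding a "real" pool via a keyed one-way function."""

    def __init__(self, secret_key: bytes, pre_capacity: int = 4):
        self._key = secret_key              # closely guarded; provisioning is out of scope here
        self._pre = []                      # cheap append-only buffer for interrupt-time samples
        self._pre_capacity = pre_capacity   # assumed size, chosen for the demo
        self._real = bytes(32)              # "real" pool state (all zeros until first flush)

    def add_sample(self, packet: bytes, interarrival_ns: int) -> None:
        # Length-prefix each record so distinct sample sequences never concatenate alike.
        self._pre.append(struct.pack(">QI", interarrival_ns, len(packet)) + packet)
        if len(self._pre) >= self._pre_capacity:
            self.flush()

    def flush(self) -> None:
        """Fold buffered samples into the real pool: new = HMAC(key, old || samples)."""
        if not self._pre:
            return
        mac = hmac.new(self._key, self._real, hashlib.sha256)
        for record in self._pre:
            mac.update(record)
        self._real = mac.digest()
        self._pre.clear()

    def state(self) -> bytes:
        return self._real                   # exposed for the demo only


# Constructed samples: (packet bytes, interarrival time in ns), all visible to a network observer.
SAMPLES = [(b"constructed-packet-%d" % i, 1_000_000 + 137 * i) for i in range(6)]


def pool_state_for(key: bytes) -> bytes:
    pool = TwoStagePool(key)
    for packet, delta in SAMPLES:
        pool.add_sample(packet, delta)
    pool.flush()
    return pool.state()


if __name__ == "__main__":
    # An observer who saw every packet but guesses the key wrong computes a different state.
    print(pool_state_for(b"device-secret") != pool_state_for(b"observer-guess"))
```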