On Sun, 18 Jul 1999, Bill Stewart wrote:

> /dev/urandom will give you pseudo-random bits if it's run out of entropy,
> so you've got the security risks inherent in that.
> As David Honig points out, you can't avoid those alternatives,

Yes, you can: if there's a 'pool' of entropy in memory which contains a
cryptographically large number of bits, and it's both mixed and extracted
from in a cryptographically secure way, then the need for constant
reseeding is eliminated, although it's still helpful. The paper on Yarrow
explains the threat model pretty well -
http://www.counterpane.com/yarrow.html

> so if you need the high quality randomness, you need hardware randomizers.

Those are helpful as well, but should still never be used in the raw -
their entropy output should be estimated conservatively and fed into a
reseedable PRNG.

-Bram
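The design Bram sketches (a pool that is mixed and extracted through one-way functions, hardware samples credited conservatively rather than trusted, and a generator that is reseeded from the pool) is shown below as an added Python example. It is not code from the thread or from the Yarrow paper; the choice of SHA-256/HMAC as the mixing and extraction primitives, the 128-bit reseed threshold, the min-entropy credit rule and the "hardware" samples are all assumptions constructed for the illustration.

```python
"""Added illustration (not from the original thread) of a Yarrow-style
reseedable PRNG: a hashed entropy pool, conservative entropy accounting for
the sources that feed it, a generator key reseeded from the pool once enough
credited entropy has accumulated, and one-way extraction so that neither the
pool nor the key is ever emitted raw.  SHA-256/HMAC and the 128-bit reseed
threshold are assumptions for this example, not taken from Yarrow or from
any real kernel."""
import hashlib
import hmac
import math
from collections import Counter


def min_entropy_bits(sample: bytes) -> int:
    """Conservative per-byte min-entropy estimate for a raw source sample:
    -log2(probability of the most frequent byte) times the sample length."""
    if not sample:
        return 0
    most_common = Counter(sample).most_common(1)[0][1]
    return int(len(sample) * -math.log2(most_common / len(sample)))


class ReseedablePRNG:
    # Assumed threshold: do not reseed on every dribble of entropy, only once
    # a cryptographically useful amount has been credited to the pool.
    RESEED_THRESHOLD_BITS = 128

    def __init__(self) -> None:
        self._pool = hashlib.sha256()     # running hash is the entropy pool
        self._pool_bits = 0               # credited (not claimed) entropy
        self._key = None                  # generator key, None until seeded
        self._counter = 0
        self.reseed_count = 0

    def add_entropy(self, source: bytes, sample: bytes, claimed_bits: int) -> int:
        """Mix a sample into the pool.  Credit the lesser of the source's own
        claim and an independent min-entropy estimate, so an optimistic or
        failed hardware source cannot trigger a reseed on its say-so alone."""
        credited = min(claimed_bits, min_entropy_bits(sample))
        # Length-prefix both fields so distinct (source, sample) pairs cannot
        # collide once concatenated into the hash.
        self._pool.update(len(source).to_bytes(2, "big") + source)
        self._pool.update(len(sample).to_bytes(4, "big") + sample)
        self._pool_bits += credited
        if self._pool_bits >= self.RESEED_THRESHOLD_BITS:
            self._reseed()
        return credited

    def _reseed(self) -> None:
        """Derive a new generator key from the old key and the pool digest,
        then start a fresh pool.  Mixing in the old key means a reseed can
        never leave the generator weaker than it already was."""
        previous = self._key if self._key is not None else b"\x00" * 32
        self._key = hmac.new(previous, b"reseed" + self._pool.digest(),
                             hashlib.sha256).digest()
        self._pool = hashlib.sha256()
        self._pool_bits = 0
        self._counter = 0
        self.reseed_count += 1

    def random_bytes(self, n: int) -> bytes:
        """Extract output in counter mode under the generator key, then rekey
        so a later compromise of the key does not reveal this output."""
        if self._key is None:
            raise RuntimeError("generator has not been seeded yet")
        out = bytearray()
        while len(out) < n:
            out += hmac.new(self._key, self._counter.to_bytes(8, "big"),
                            hashlib.sha256).digest()
            self._counter += 1
        self._key = hmac.new(self._key, b"rekey", hashlib.sha256).digest()
        self._counter = 0
        return bytes(out[:n])


if __name__ == "__main__":
    prng = ReseedablePRNG()
    # Constructed "hardware" samples: one with 16 distinct bytes, one stuck at
    # zero (a failed source that claims full entropy but is credited none).
    print(prng.add_entropy(b"hwrng", bytes(range(16)), claimed_bits=128))
    print(prng.add_entropy(b"hwrng", b"\x00" * 16, claimed_bits=128))
    print(prng.add_entropy(b"timer", bytes(range(16, 32)), claimed_bits=128))
    print(prng.reseed_count, prng.random_bytes(16).hex())
```

The stuck-at-zero sample is the case Bram's "never used in the raw" warns about: the source claims 128 bits but the estimator credits it nothing, so it cannot on its own cause a reseed, and whatever it contributes is still hashed into the pool rather than handed to a caller.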
- Re: depleting the random number generator Eugene Leitl
- Re: depleting the random number generator bram
- Re: depleting the random number genera... Eugene Leitl
- Re: depleting the random number ge... bram
- Re: depleting the random numb... Sandy Harris
- Re: depleting the random number genera... Donald E. Eastlake 3rd
- Re: depleting the random number ge... Eric Murray
- Re: depleting the random number generator Russell Nelson
- Re: depleting the random number generator Mike Brodhead
- Re: depleting the random number generator Bill Stewart
- Re: depleting the random number generator James A. Donald
- Re: depleting the random number generator David Honig
- Re: depleting the random number generator Ben Laurie
- Re: depleting the random number generator Bill Stewart
- Re: depleting the random number generator Ben Laurie
- RE: depleting the random number generator Enzo Michelangeli