While we're on the subject of /dev/[u]random, has anyone
looked at the new FreeBSD 5.3 version? I recently installed
5.3, and much to my surprise they have got rid of the random
component, and are now only using the urandom part (they
have a symlink in place).
localhost$ ls -l /dev/*random
crw-rw-rw- 1 root wheel 249, 0 Dec 26 11:41 /dev/random
lrwxr-xr-x 1 root wheel 6 Dec 26 11:41 /dev/urandom -> random
localhost$ time dd if=/dev/random bs=1k count=100000 of=/dev/null
100000+0 records in
100000+0 records out
102400000 bytes transferred in 7.526354 secs (13605525 bytes/sec)
real 0m7.532s
user 0m0.125s
sys 0m6.979s
(Also, there is a startup script that asks for initial type-in
entropy on install - mine broke and didn't clearly indicate
its state...).
Personally, I quite liked the random v. urandom separation.
It gave you choice. Now, I feel tempted to go back to doing
the entropy in my own code and not relying on FreeBSD,
because I lack a feel-good factor represented by the block
that occurs when entropy runs out.
But, these are ignorant, external speculations...
iang
Enzo Michelangeli wrote:
This "entropy depletion" issue keeps coming up every now and then, but I
still don't understand how it is supposed to happen. If the PRNG uses a
really non-invertible algorithm (or one invertible only with intractable
complexity), its output gives no insight whatsoever on its internal state.
As entropy is a measure of the information we don't have about the
internal state of a system, it seems to me that in a good PRNGD its value
cannot be reduced just by extracting output bits. If there is an entropy
estimator based on the number of bits extracted, that estimator must be
flawed.
Enzo
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
