Charles M. Hannum wrote: > Most implementations of /dev/random (or so-called "entropy gathering > daemons") > rely on disk I/O timings as a primary source of randomness
This is not a new or unconsidered problem. Disk caching has always been a factor in disk I/O. /dev/random uses multiple sources of entropy. The idea is that some of the sources being deterministic does not diminish the entropy that comes from good sources, so all can be mixed in. And if your system does not have any good source of entropy, then you need to add one. See a discussion back in 2001 on linux-kernel mailing list for example: http://www.ussg.iu.edu/hypermail/linux/kernel/0104.1/0064.html -- Sidney Markowitz http://www.sidney.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
