> Would a public PRNG (Yarrow?) server be of any use? I suppose it could be
> done as a proof-of-concept, or as another source of entropy for an internal
> PRNG... and the trust issue could be dealt with just as you deal with the
> Intel PRNG. IMO, the bandwidth would be the limitation here; an intranet
> (LAN) PRNG might be better.
You'd need to prtect the numbers thus served; they'd be no use if
an ethernet snooper could pick them up, so the distribution channel
should be at least encrypted. (SSH and SSL could both be used).
> I'm asking this because I think that a big problem with PRNGs is that the
> application is the more difficult part - securing the seed file, making sure
> the entropy into the system is correct, and any other issues I can't think
> of right now. It would be easier to set them up *correctly* on one computer
> than on many, and at most the randomness-demanding applications on the
> client computers could "fall back" on the server.
Interesting idea! You could take it further and put some decent hardware
RNG(s) on the server as well.
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
