X-Loop: openpgp.net
From: "Adam Back" <[EMAIL PROTECTED]>
> You either have a private key, or you don't. If you don't you don't
> have any entropy to generate a key, and have no a way to securely
> converse with the PRNG server. If you do, you get computational
> security by feeding your private key into /dev/random.
>
> You're not going to get anything better than computational security by
> having the PRNG server send you any -- the secure link only offers
> computational security.
Er... You're right, but I am still trying to figure out something to do with
my Yarrow implementation :) I can't write device drivers in Delphi; I could
write NT services, but when I'll get a computer, it will probably have 98 on
it; so the only thing I can see would be a TCP server which writes random
bytes continuously. [Of course, not the same on different connections - that
would defeat the idea.]
My intended target - Windows - doesn't have a /dev/random, so I can't feed
my private key into it ;) But I must confess I didn't realize the threat of
an Ethernet snooper (thanks, Mark!) so the secure communication is one more
thing to get right.
As I said, this is more like a game for me - like it was when I started
programming, or like it was when Romanians started writing literature: do
anything, just do it. It's a good way to learn stuff. Getting realistic -
figuring out uses for the stuff - can come later ;)
I know that one of my problems is working on Windows - but I like the
environment, and I like Delphi; until Kylix is released, I'm not interested
in Linux. [OTOH, just wait for it to be released... <g>]
Thanks for all the tips; I'm not trying to defend something flawed - just to
learn.
Mark
