> > The situation is _worse_; the entropy is minimal, and is _very_ attackable.
> What's wrong about timers for enthropy (I mean high resolution ones)?
> Really we need only few bytes of enthropy and can use them to seed RNG for the 
> first time if no true randomness available. To be joking: MD5 of kernel module 
> can help too :-)

getnanotime() is already extensively used; we just need to force the 
RNG to reseed once at the beginning. As soon as I'm happy that the
code is panic-free, I'll commit it.

Mark Murray
Join the anti-SPAM movement: http://www.cauce.org

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to