Re: randomdev entropy gathering is really weak

[Paul Herman]

On Tue, 18 Jul 2000, Poul-Henning Kamp wrote:

> In message <[EMAIL PROTECTED]>, Vadim Belman writes:
> 
> >     I mostly agree, but let's put it other way. A rare situation with a
> >local network with no external connection, no NTP servers. Just a server(s)
> >plus several clients. At least some of the clients are being treated as
> >untrusted (consider public terminals) and server has some critical
> >information on it.
> 
> Nobody talked about relying on *only* NTP for entropy, quite the 
> contrary in fact.

Just to quickly jump in (and out) here, I recall a thread that went on
for weeks in sci.crypt at the beginning of this year about the same
thing.  Before you all reinvent the wheel (and make this thread any
longer), I would suggest sauntering on over to dejanews.

For those who were patient enough to get past the usual banter, it was
quite enlightening, indeed.  They certainly have more of a clue about
these things than I would ever hope to have.

(Yes, they also talked about using NTP servers for gathering entropy.)

-Paul.




To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message