> From the Yarrow paper:
> ``Yarrow's outputs are cryptographically derived. Systems that
> use Yarrow's
> outputs are no more secure than the generation mechanism used.''
> We currently have Yarrow-256(Blowfish); wanna make it Yarrow-1024? I could
> make it so.
> M
> --
> Mark Murray

        It doesn't matter if it's Yarrow-256, Yarrow-1024, or Yarrow-1000000000.
/dev/random should block if the system does not contain as much real entropy
as the reader desires. Otherwise, the PRNG implementation will be the
weakest link for people who have deliberately selected higher levels of
protection from cryptographic attack.


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to