On 2012-Sep-04 15:59:45 -0700, Doug Barton <[email protected]> wrote: >I'm not sure I agree with that, since the combination of lower quality >input (the boilerplate) and higher quality (changing numbers) still >provides more bits to stir the pool with. Even though the average >quality is lower over the total number of bits I still think it's >probably more valuable to pump in the higher quantity given the internal >chewing that Yarrow does with the bits.
I don't understand the point of feeding boilerplate into Yarrow. Yes, it will stir Yarrow's internal state but it does so in a predictable way so it doesn't add any entropy. On the downside, it doesn't appear to be possible to queue more than 4KB of input every 100msec - excess input is just discarded. This implies that feeding boilerplate into /dev/random just increases the probability that real entropy will be discarded. -- Peter Jeremy
pgpkDGcOgi87q.pgp
Description: PGP signature
