-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 09/11/12 14:27, RW wrote: > On Tue, 11 Sep 2012 13:54:41 -0700 Xin Li wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 >> >> On 09/11/12 12:53, RW wrote: >>> On Tue, 11 Sep 2012 13:28:51 +0200 Dag-Erling Smørgrav wrote: >>> >>>> Doug Barton <[email protected]> writes: >>>>> 1. Pseudo-randomize the order in which we utilize the files >>>>> in /var/db/entropy >>>> >>>> There's no need for randomization if we make sure that *all* >>>> the data written to /dev/random is used, rather than just the >>>> first 4096 bytes; or that we reduce the amount of data to >>>> 4096 bytes before we write it so none of it is discarded. My >>>> gut feeling is that compression is better than hashing for >>>> that purpose, >>> >>> It's analogous to a passphrase, have you ever heard of a >>> passphrase being compressed rather than hashed? >> >> Passphrase hashing is a completely different topic, as what we >> wanted is a one-way function that can not be easily reversed, >> even when part of the passphrase is known. > > I was refering to the conversion of a passphrase to key material
Did you mean the process like, deriving a master AES-128 key from an arbitrary passphrase? Cheers, - -- Xin LI <[email protected]> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBCAAGBQJQT656AAoJEG80Jeu8UPuz88kH/2dOUicwPw2yQBF5lFzljkS4 wiQbDaDKdvSFgCyPF3RJB8y91WRiDRLjuhMl84zflyVlXKUnZrf8yD649h8I/jCO 7FcZTorgSdN6BA/6lpEg6bQxhMlROInVcOIiN5uSy2FUcme34qvQXkv8P+toKXZi vsTahuvHtZdL9rYw44vZcpCyNiPx6NiBAOwPMPHmQHRuxbMlEjKwHz2rJQmnkml+ iXo7UFuF43X5Sw0HWFQzJepwNhUaD1IEWMSg8GIoO3euv2kYtn7CSHd76W39tiCk qaOBOtX0MN8JNlm/ph8bXaCA8iez63mTwj3ALRE/JkaHa0AF2U9RVJIV1Y8mR/E= =FVY0 -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-rc To unsubscribe, send any mail to "[email protected]"
