On Fri, Sep 14, 2012 at 8:06 PM, Mark Murray <[email protected]> wrote:
> Ben Laurie writes:
>> > I'll send patches (untested) in a couple of hours for discussion.
>>
>> I used to like this idea, but it can break pretty badly if you repeat
>> input, so in the end I decided hashes were the only safe way.
>
> What??! Have you seen how Yarrow does its harvesting??

If you XOR into the as-yet-unharvested buffer, then appropriately aligned repeated input makes the buffer zero.

>
> Presupposing there is no other source of randomness to get swamped out of the
> way,
>
> $ cat /dev/zero > /dev/random # pretend that /dev/zero is finite length.
>
> ... is harmless, and actually adds a small bit of perturbation to the entropy.
>
> Please explain how repeating input can "break" things here?
>
> M
> --
> Mark R V Murray
> Pi: 132511160
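Added example, not part of the original thread and not FreeBSD's or Yarrow's harvesting code: a constructed model of the two accumulation strategies under discussion, showing what an aligned repeat does to an XOR buffer and to a hash-chained state. The pool size, function names and sample events are assumptions made for illustration.

```python
import hashlib

POOL_SIZE = 16  # assumed size of the unharvested buffer, in bytes


def xor_accumulate(pool: bytearray, pos: int, data: bytes) -> int:
    """XOR data into the pool starting at pos, wrapping around; return the new position."""
    for b in data:
        pool[pos] ^= b
        pos = (pos + 1) % len(pool)
    return pos


def hash_accumulate(state: bytes, data: bytes) -> bytes:
    """Fold data into the state by hashing the old state together with the input."""
    return hashlib.sha256(state + data).digest()


def run_xor(events) -> bytes:
    """Feed every event into a fresh, zeroed XOR pool and return the pool contents."""
    pool, pos = bytearray(POOL_SIZE), 0
    for e in events:
        pos = xor_accumulate(pool, pos, e)
    return bytes(pool)


def run_hash(events) -> bytes:
    """Feed every event into a fresh hash-chained state and return the state."""
    state = bytes(32)
    for e in events:
        state = hash_accumulate(state, e)
    return state


# Constructed sample input (not from the thread).
EVENT = bytes.fromhex("8f3a1c55d2e09b7746a1f00d3c9e5b21")  # one pool-sized event
REPEATED = [EVENT, EVENT]                   # same event twice, same alignment
MISALIGNED = [EVENT, b"\x01\x02\x03", EVENT]  # repeat shifted by three bytes
ZEROS = [EVENT, bytes(64)]                  # finite stand-in for /dev/zero

if __name__ == "__main__":
    for name, events in [("repeated", REPEATED), ("misaligned", MISALIGNED), ("zeros", ZEROS)]:
        print(f"{name:10s} xor={run_xor(events).hex()} hash={run_hash(events).hex()[:16]}...")
```

In this model the aligned repeat returns the XOR pool to all zeros, while the hash-chained state differs after every input, including the second copy and the run of zero bytes.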
