>First, a reminder that the design goal of /dev/random proper is >information-theoretic security. That is, it should be secure against >an attacker with infinite computational power.
I am skeptical. I have never seen any convincing evidence for this claim, and I suspect that there are cases in which /dev/random fails to achieve this standard. And it seems I am not the only one. See, e.g., Section 5.3 of: http://eprint.iacr.org/2005/029 Fortunately, it doesn't matter whether /dev/random provides information-theoretic security. I have reasonable confidence that it provides computational security, and that is all that applications need. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/