In message <[email protected]> on Tue, 1 May 2018 10:43:17 +0200, Kurt Roeckx <[email protected]> said:
kurt> If you actually follow SP800-90B, you should make a theoretical kurt> model of how much entropy you expect, and then use the tool kurt> to verify that your model is correct. Errrr... look, I'm kind of a rookie in this particular area, so errr, I'm not sure I have the knowledge to think of a theoretical model. Given a crash course, I can probably come up with *something*, but at this moment, I don't know where to start. A side note to this discussion, the way the rand pool routines are currently implemented, specifically rand_pool_bytes_needed(), we cannot handle a source with less than 1 entropy bit per 8 bits of data. Or well, it can, if that particular routine isn't used, but considering it's a fairly crucial routine for entropy acquisition, I'd say it needs a small change. PR coming up. Cheers, Richard -- Richard Levitte [email protected] OpenSSL Project http://www.openssl.org/~levitte/ _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
