Michael Wojcik wrote:
> Here are a couple more techniques for generating some entropy. Like the
> ones Lutz and Bill have been discussing, they have drawbacks - in
> particular, there's no guarantee how much entropy they'll produce, or how
> quickly.

Quite so -- even hardware RBGs have very limited bitrates in output,
making them more suitable for seeding a PRNG...

> 2. The SRP distribution includes (or used to include, as of version 1.4.4)
> CryptoLib 1.1, by Jack Lacy, Don Mitchell, and Matt Blaze. CryptoLib...

CryptoLib fails miserably (for some reason I have yet to determine) on the
one flavor of Linux I tried it with (RH 6.2) -- works fine with Solaris
and *BSD.

Yarrow has the advantage of being devised by a skilled self-promoter,
but the emerging class of RNGs based on iterated nested hash functions
(see RFC 2104) has the advantage of being based on provable security
characteristics (see also: http://www.research.ibm.com/security/keyed-md5.html).
I suspect these will gain some prominence in this calendar year.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]