cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar

Mark Murray mark at grondar.org
Sat Apr 10 01:55:13 PDT 2004


Bruce M Simpson writes:
> > > http://www.cryptography.com/resources/whitepapers/index.html
> >
> > Actually, I have. I read it again, now, to be sure. Nothing it says
> > suggests that what I did here is a "huge mistake". Nearest I get is
> > the suggestion that the output from the on-chip RNG is used as a
> > source for a hash function (like Yarrow). I feel that is overkill,
> > and that the output of the on-chip RNG is sufficient.
>
> I'm inclined to trust your judgement here on this, Mark, but Nate does
> have a valid point; we need to be sure that the entropy sources are of
> sufficiently high quality or we risk compromising the system.
>
> If you could cite some independent tests for the VIA C3 on-chip RNG
> that would be very helpful to all.

How about Nate's paper? It gives the VIA C3 a very high assessment WRT
the quality of the entropy delivered.

If it is felt that further whitening of the VIA C3 RNG is needed,
then I believe that Yarrow would be overkill, and that a much smaller
hash function will be sufficient.

M
--
Mark Murray
iumop ap!sdn w,I idlaH

