cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar
dwmalone at maths.tcd.ie
Mon Apr 12 14:35:22 PDT 2004
> I think the old /dev/random caused more problems than it solved. Most
> apps just used /dev/urandom to avoid all the end-user questions about
> the blocking.
I largely agree.
> And the beauty of the Yarrow PRNG is that as long as you have enough
> initial entropy to get started, you can pull as many bytes as you want
> and still remain cryptographically strong (within some very high limit
> of like 2^120 bytes before the next re-keying).
It is still no good for generating keys that have more unpredictable
bits than Yarrow's internal state, unless you can be sure that it
has reseeded. For example, the Yarrow paper notes that there is no
point using Yarrow-160 for generating 256-bit block cipher keys and
that using it for things like one-time pads is right out.
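To make the state-size argument concrete, here is an added toy model (my own illustration, not code from the FreeBSD random device or from the Yarrow paper): a counter-mode generator whose output is a hash of a fixed internal state, with the state shrunk to a handful of bits so every state can be enumerated. The names `toy_prng_output`, `distinct_keys` and `effective_key_entropy` are hypothetical.

```python
import hashlib


def toy_prng_output(state: bytes, nbytes: int) -> bytes:
    """Yarrow-style generation: hash the internal state together with a
    counter.  Until a reseed mixes in fresh entropy, every byte produced is
    a deterministic function of `state` alone, however many bytes you pull."""
    out = b""
    counter = 0
    while len(out) < nbytes:
        out += hashlib.sha256(state + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:nbytes]


def distinct_keys(state_bits: int, key_bytes: int) -> int:
    """Enumerate every possible internal state of `state_bits` bits and
    count how many distinct `key_bytes`-byte keys the generator can ever
    emit without reseeding.  The answer can never exceed 2**state_bits,
    no matter how long the requested key is."""
    seen = set()
    for n in range(1 << state_bits):
        state = n.to_bytes((state_bits + 7) // 8, "big")
        seen.add(toy_prng_output(state, key_bytes))
    return len(seen)


def effective_key_entropy(state_bits: int, key_bits: int) -> int:
    """Unpredictable bits in a key drawn from an un-reseeded generator:
    bounded by the generator's state, not by the key length."""
    return min(state_bits, key_bits)


if __name__ == "__main__":
    # 10-bit toy state, 256-bit "keys": only 1024 keys are reachable.
    print("reachable 256-bit keys from a 10-bit state:", distinct_keys(10, 32))
    # Scaled to the real thing: Yarrow-160 feeding a 256-bit cipher key.
    print("effective bits in a 256-bit key from Yarrow-160:",
          effective_key_entropy(160, 256))
```

An attacker who knows the design only has to search the 2^160 states, not 2^256 keys, which is why the paper sees no benefit in the longer key, and why a one-time pad (whose whole point is a keystream with entropy equal to its length) cannot come from such a generator.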