cvs commit: src/sys/modules/random Makefile src/sys/dev/random harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c randomdev.h randomdev_soft.c randomdev_soft.h yar

Bruce M Simpson bms at
Sat Apr 10 01:27:11 PDT 2004

On Fri, Apr 09, 2004 at 07:34:44PM +0100, Mark Murray wrote:
> Nate Lawson writes:
> > This is a huge mistake.  At the very minimum, I take it you never read our
> > paper.
> > 
> >
> Actually, I have. I read it again, now, to be sure. Nothing it says
> suggests that what I did here is a "huge mistake". Nearest I get is
> the suggestion that the output from the on-chip RNG is used as a source
> for a hash function (like Yarrow). I feel that is overkill, and that
> the output of the on-chip RNG is sufficient.

I'm inclined to trust your judgement here on this, Mark, but Nate does have
a valid point; we need to be sure that the entropy sources are of sufficiently
high quality or we risk compromising the system.

If you could cite some independent tests for the VIA C3 on-chip RNG that
would be very helpful to all.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 167 bytes
Desc: not available
Url :

More information about the cvs-src mailing list