From: Andrew Archibald (aarchiba@yahoo.com)
Date: Tue Apr 03 2001 - 15:04:47 CDT
Werner Koch <wk@gnupg.org> writes:

> On Mon, 2 Apr 2001, Bill Stewart wrote:
>
> > If you want something "faster than /dev/random,
> > but slower and more secure than /dev/urandom",
>
> Please don't forget that /dev/random and /dev/urandom are about the
> same device; the only difference is that /dev/urandom falls into a
> PRNG mode instead of blocking. Continuously reading from
> /dev/urandom will make /dev/random block.

Is this a good property? That is, should a CSPRNG use as much entropy as
is available to protect against key compromise, or should it be skimpier,
leaving more entropy for /dev/random? Since /dev/random is supposed to be
used only rarely, it might even be good to keep it from using "stale"
entropy.

> > - use the seed to drive a PRNG, such as RC4-128,
> > which you XOR with /dev/urandom.
>
> thereby wasting precious random bytes.

Clearly if a good stream cipher is available, you are better off using
precious random bytes to change the key from time to time.

Andrew
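A worked example, added here and not part of the thread: the construction Andrew describes, a stream cipher keyed from /dev/random and rekeyed from the pool only every so often instead of XORing every output byte with /dev/urandom, as a small Python class. RC4 is used only because Bill named RC4-128 (it is a legacy cipher today); the reseed interval, the keystream-drop count, the `seed_source` hook and the `read_pool` helper are my own assumptions.

```python
def read_pool(path, n):
    # n bytes from the kernel pool; /dev/random may block until entropy arrives.
    with open(path, "rb") as f:
        return f.read(n)

def rc4_schedule(key):
    # RC4 key-scheduling: a permutation of 0..255 derived from the key.
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s

class RekeyedRC4:
    """Keystream generator that pulls a fresh 128-bit key from the pool only
    every `reseed_after` output bytes (the thread's "change the key from time
    to time"), instead of spending a pool byte per output byte."""
    KEY_BYTES = 16  # "RC4-128" as named in the thread

    def __init__(self, reseed_after=1 << 20, drop=3072, seed_source=None, pool="/dev/random"):
        # seed_source(n) is a hypothetical hook so tests can inject a fixed key;
        # drop = biased RC4 prefix discarded after each rekey (my choice, not the thread's).
        self.reseed_after, self.drop = reseed_after, drop
        self.seed_source = seed_source or (lambda n: read_pool(pool, n))
        self.rekeys = 0
        self._rekey()
    def _rekey(self):
        self.s = rc4_schedule(self.seed_source(self.KEY_BYTES))
        self.i = self.j = 0
        self.rekeys += 1
        for _ in range(self.drop):
            self._byte()
        self.since_rekey = 0
    def _byte(self):  # one RC4 PRGA step
        self.i = (self.i + 1) & 0xFF
        self.j = (self.j + self.s[self.i]) & 0xFF
        self.s[self.i], self.s[self.j] = self.s[self.j], self.s[self.i]
        return self.s[(self.s[self.i] + self.s[self.j]) & 0xFF]
    def read(self, n):
        out = bytearray()
        for _ in range(n):
            if self.since_rekey >= self.reseed_after:
                self._rekey()
            out.append(self._byte())
            self.since_rekey += 1
        return bytes(out)
    def pool_bytes_consumed(self):
        # Entropy drawn so far; the XOR-with-/dev/urandom variant would have
        # drawn one pool byte per output byte instead.
        return self.rekeys * self.KEY_BYTES
```

With the default 1 MiB interval the generator charges the pool 16 bytes per mebibyte of output; `pool_bytes_consumed()` makes that cost visible.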