Re: svn commit: r239569 - head/etc/rc.d
On Tue, 11 Sep 2012 13:28:51 +0200
Dag-Erling Sm=F8rgrav wrote:
> Doug Barton <dougb@FreeBSD.org> writes:
> > 1. Pseudo-randomize the order in which we utilize the files in
> > /var/db/entropy
>=20
> There's no need for randomization if we make sure that *all* the data
> written to /dev/random is used, rather than just the first 4096 bytes;
> or that we reduce the amount of data to 4096 bytes before we write it
> so none of it is discarded. My gut feeling is that compression is
> better than hashing for that purpose,
It's analogous to a passphrase, have you ever heard of a
passphrase being compressed rather than hashed?=20
The only good reason for compression is if compression+hashing is
faster than hashing, and that sounds unlikely.
You all seem to be making very heavy weather of this - all that's needed
is to pass the low-grade stuff through a hash of your choice and then
follow that with the entropy file to fill-up the remaining 4k.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 69 之 145 篇):