On Fri, Sep 14, 2012 at 8:06 PM, Mark Murray <mark@grondar.org> wrote:
> Ben Laurie writes:
>> > I'll send patches (untested) in a couple of hours for discussion.
>>
>> I used to like this idea, but it can break pretty badly if you repeat
>> input, so in the end I decided hashes were the only safe way.
>
> What??! Have you seen how Yarrow does its harvesting??

If you XOR into the as-yet-unharvested buffer, then appropriately
aligned repeated input makes the buffer zero.

>
> Presupposing there is no other source of randomness to get swamped out of the way,
>
> $ cat /dev/zero > /dev/random # pretend that /dev/zero is finite length.
>
> ... is harmless, and actually adds a small bit of perturbation to the entropy.
>
> Please explain how repeating input can "break" things here?
>
> M
> --
> Mark R V Murray
> Pi: 132511160

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
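
The cancellation described in the unquoted reply above, as an added example that is not part of the original message and is not Yarrow or FreeBSD harvesting code: a buffer that XORs input in at a wrapping cursor, next to an accumulator that chains input through a hash. `XorPool`, `HashPool`, the 16-byte pool size and the sample bytes are all hypothetical and constructed for illustration.

```python
import hashlib

POOL_SIZE = 16  # constructed demo size, not a FreeBSD constant


class XorPool:
    """Hypothetical pre-harvest buffer: input is XORed in at a wrapping cursor."""

    def __init__(self, size=POOL_SIZE):
        self.buf = bytearray(size)
        self.pos = 0

    def add(self, data):
        for byte in data:
            self.buf[self.pos] ^= byte
            self.pos = (self.pos + 1) % len(self.buf)


class HashPool:
    """Hypothetical accumulator: each input is chained through SHA-256."""

    def __init__(self):
        self.state = bytes(32)

    def add(self, data):
        # Length-prefix the input so chunk boundaries are unambiguous.
        framed = len(data).to_bytes(4, "big") + data
        self.state = hashlib.sha256(self.state + framed).digest()


def xor_after(chunks):
    """Return the XOR buffer contents after feeding every chunk in order."""
    pool = XorPool()
    for chunk in chunks:
        pool.add(chunk)
    return bytes(pool.buf)


def hash_after(chunks):
    """Return the hash-chain state after feeding every chunk in order."""
    pool = HashPool()
    for chunk in chunks:
        pool.add(chunk)
    return pool.state


SAMPLE = bytes(range(1, 17))  # constructed 16-byte input

if __name__ == "__main__":
    print("xor, aligned repeat:   ", xor_after([SAMPLE, SAMPLE]).hex())
    print("xor, misaligned repeat:", xor_after([SAMPLE[:15], SAMPLE[:15]]).hex())
    print("hash, repeat:          ", hash_after([SAMPLE, SAMPLE]).hex())
```

The aligned repeat leaves the XOR buffer all zero because each byte meets its own copy; the 15-byte repeat does not line up with the 16-byte buffer and so does not cancel.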