[16282] in cryptography@c2.net mail archive
Re: Linux-based wireless mesh suite adds crypto engine support
daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Oct 6 13:23:44 2004
X-Original-To: cryptography@metzdowd.com
Date: Wed, 06 Oct 2004 13:39:39 +0100
From: Ben Laurie <ben@algroup.co.uk>
To: John Gilmore <gnu@toad.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <200409302225.i8UMPv8P001170@new.toad.com>
John Gilmore wrote:
> Crypto hardware that generates "random" numbers can't be tested in
> production in many useful ways. My suggestion would be to XOR a
> hardware-generated and a software-generated random number stream. If
> one fails, whether by accident, malice, or design, the other will
> still randomize the resulting stream. Belt AND suspenders will keep
> your source of randomness from being your weakest link.
I think it'd sometimes be better to feed them both into a pool rather
than xoring them, since they might go at radically different rates, and
xor would limit you to the slower of the two. Of course, for some threat
models that would be the right thing.
Cheers,
Ben.
--
ApacheCon! 13-17 November! http://www.apachecon.com/
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
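
The trade-off discussed in this message, as an added example that is not part of the original post: XOR combining stops at the slower stream, while a pool accepts input from each source at whatever rate it arrives. `HashPool`, `pool_output` and the sample streams are hypothetical names and constructed data; the SHA-256 pool is a toy for illustration, not a vetted generator, and it does no entropy accounting.

```python
import hashlib

def xor_combine(a: bytes, b: bytes) -> bytes:
    """XOR two streams; zip() stops at the shorter one, so the slower source sets the rate."""
    return bytes(x ^ y for x, y in zip(a, b))

class HashPool:
    """Hypothetical toy pool: every input is hashed into a 32-byte state."""

    def __init__(self) -> None:
        self.state = bytes(32)
        self.absorbed = 0  # bytes mixed in so far (not an entropy estimate)
        self.blocks = 0    # output block counter

    def absorb(self, label: bytes, data: bytes) -> None:
        # Length-prefix the label so different (label, data) pairs cannot collide.
        msg = self.state + bytes([len(label)]) + label + data
        self.state = hashlib.sha256(msg).digest()
        self.absorbed += len(data)

    def extract(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.blocks += 1
            out += hashlib.sha256(b"out" + self.state + self.blocks.to_bytes(8, "big")).digest()
        # Ratchet the state so a later state does not reveal earlier output.
        self.state = hashlib.sha256(b"next" + self.state).digest()
        return out[:n]

def pool_output(hw: bytes, sw: bytes, n: int = 32) -> bytes:
    """Feed both streams, whatever their lengths, into one pool and draw n bytes."""
    pool = HashPool()
    pool.absorb(b"hw", hw)
    pool.absorb(b"sw", sw)
    return pool.extract(n)

# Constructed sample streams (deterministic stand-ins, not real entropy).
FAST = hashlib.shake_256(b"constructed fast source").digest(4096)
SLOW = hashlib.shake_256(b"constructed slow source").digest(64)
STUCK = bytes(64)  # a failed source that emits only zeros

if __name__ == "__main__":
    print("xor bytes available:", len(xor_combine(FAST, SLOW)))  # limited by SLOW
    print("xor with stuck source equals other stream:", xor_combine(FAST, STUCK) == FAST[:64])
    print("pool output:", pool_output(FAST, SLOW).hex())
```

With the stuck source, the XOR output is simply the surviving stream, and the pool output still changes whenever the surviving stream changes.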