[5266] in cryptography@c2.net mail archive

Re: depleting the random number generator -- repeated state

daemon@ATHENA.MIT.EDU (bram)
Wed Jul 28 16:15:33 1999

Date: Wed, 28 Jul 1999 12:54:44 -0700 (PDT)
From: bram <bram@gawth.com>
To: Jon Callas <jon@callas.org>
Cc: "Arnold G. Reinhold" <reinhold@world.std.com>, cryptography@c2.net
In-Reply-To: <v0421011db3c4f5b977db@[38.232.7.7]>

On Wed, 28 Jul 1999, Jon Callas wrote:

> I never directly add in entropy
> deposits. I run a separate entropy pool that is hash-based, and
> periodically tap that pool to update the secondary pool. I get really
> nervous about adding entropy directly into a single pool. I also like to
> capitalize on the properties of hash functions for prepping the entropy.

You basically have to do that to prevent chosen entropy attacks, and it's
a good idea to pool the entropy anyway to prevent continuation attacks.

-Bram
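
The two-pool arrangement discussed in this exchange, sketched as an added example that is not part of either message: deposits go only into a hash-based collection pool, and the output pool is updated from a digest of that pool once an assumed 128-bit entropy estimate has accumulated. The class name, the threshold and the SHA-256/HMAC construction are assumptions made for illustration.

```python
import hashlib
import hmac

# Added illustration: names, threshold and construction are hypothetical,
# not taken from the thread or from any particular product.
class TwoPoolGenerator:
    RESEED_BITS = 128  # assumed: reseed only after this much estimated entropy

    def __init__(self, seed: bytes):
        self._collector = hashlib.sha256()  # collection pool: a running hash
        self._estimate = 0                  # caller-supplied estimate, in bits
        self._key = hashlib.sha256(b"init" + seed).digest()  # output pool state
        self._counter = 0
        self.reseeds = 0

    def deposit(self, sample: bytes, est_bits: int) -> bool:
        """Absorb a sample into the collection pool; True if it caused a reseed."""
        # Length prefix keeps ("ab", "c") and ("a", "bc") from hashing alike.
        self._collector.update(len(sample).to_bytes(4, "big") + sample)
        self._estimate += est_bits
        if self._estimate < self.RESEED_BITS:
            return False  # output pool untouched by small deposits
        self._reseed()
        return True

    def _reseed(self) -> None:
        # Only a digest of the whole batch reaches the output pool, never raw input.
        batch = self._collector.digest()
        self._key = hashlib.sha256(self._key + batch).digest()
        self._collector = hashlib.sha256(batch)  # carry state forward, restart batch
        self._estimate = 0
        self.reseeds += 1

    def read(self, n: int) -> bytes:
        """Produce n output bytes from the output pool in counter mode."""
        out = b""
        while len(out) < n:
            block = self._counter.to_bytes(8, "big")
            out += hmac.new(self._key, block, hashlib.sha256).digest()
            self._counter += 1
        return out[:n]

    def output_state(self) -> bytes:
        """Expose the output pool key so the example can be inspected."""
        return self._key
```
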
