[147768] in cryptography@c2.net mail archive
Re: [Cryptography] [RNG] on RNGs, VM state, rollback, etc.
daemon@ATHENA.MIT.EDU (Nemo)
Sun Oct 20 14:16:01 2013
X-Original-To: cryptography@metzdowd.com
From: Nemo <nemo@self-evident.org>
To: cryptography@metzdowd.com
Date: Sun, 20 Oct 2013 10:56:56 -0700
In-Reply-To: <71CE0416-227F-45C8-890F-D4071F0FEE23@gmail.com> (John Kelsey's message of "Sat, 19 Oct 2013 15:19:20 -0400")
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
John Kelsey <crypto.jmk@gmail.com> writes:
> What would break if /dev/random became something that only provided
> cryptographic strength random bits instead of full entropy bits, but
> never blocked except at startup?
What would break is the /dev/random maintainers' brains.
This exact same discussion comes up every 5-10 years. At some point, one
or more people who actually know something about cryptography give a
critique of the unanalyzable continuously moving target that is Linux
/dev/random.
For example:
https://lkml.org/lkml/2005/4/14/61
And every time, the Linux /dev/random maintainer(s) demonstrate why
he/they should never be allowed anywhere near cryptographic code.
Good luck fixing this.
- Nemo
https://self-evident.org/
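Added example, not part of this thread and not code posted by either participant: a minimal HMAC_DRBG (SP 800-90A style, SHA-256) used to make concrete the design John Kelsey's quoted question describes, a generator that blocks once at startup until a full seed is collected and then produces cryptographic-strength output without ever blocking again. It also shows the caveat hinted at by the subject line (VM state and rollback): a generator restored from a snapshot replays its output stream unless it is reseeded. The names `HmacDrbg`, `seed_at_startup`, `rollback_replays` and `reseed_diverges`, the 32-byte seed threshold, and the "pool reads" are all constructed for this illustration; nothing here is the Linux implementation.

```python
import copy
import hashlib
import hmac

# Added example, not from the mailing-list thread. A small HMAC_DRBG
# (SP 800-90A shape, SHA-256) standing in for a "seed once, then never
# block" CSPRNG. All names and constants below are constructed for
# illustration, not taken from any real /dev/random implementation.

SEED_BYTES = 32   # 256 bits of seed material before the DRBG is usable


def _h(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


class HmacDrbg:
    """Deterministic generator: unpredictable without K/V, but the output
    is 'cryptographic strength', not 'full entropy' bits."""

    def __init__(self, seed_material: bytes):
        self.K = b"\x00" * 32
        self.V = b"\x01" * 32
        self._update(seed_material)
        self.reseed_counter = 1

    def _update(self, provided: bytes = b"") -> None:
        self.K = _h(self.K, self.V + b"\x00" + provided)
        self.V = _h(self.K, self.V)
        if provided:
            self.K = _h(self.K, self.V + b"\x01" + provided)
            self.V = _h(self.K, self.V)

    def reseed(self, entropy: bytes) -> None:
        self._update(entropy)
        self.reseed_counter = 1

    def generate(self, nbytes: int) -> bytes:
        # Never blocks: any amount of output is derived from the current state.
        out = b""
        while len(out) < nbytes:
            self.V = _h(self.K, self.V)
            out += self.V
        self._update()
        self.reseed_counter += 1
        return out[:nbytes]


class NotSeededYet(Exception):
    """Raised where a blocking /dev/random would keep the reader waiting."""


def seed_at_startup(pool_reads) -> HmacDrbg:
    """Collect entropy chunks until SEED_BYTES have arrived, then return a DRBG.

    `pool_reads` stands in for successive reads of an OS/hardware entropy pool
    (constructed input). If it runs dry before the threshold, the one place
    this design blocks is startup; here that is modelled by raising."""
    collected = b""
    for chunk in pool_reads:
        collected += chunk
        if len(collected) >= SEED_BYTES:
            return HmacDrbg(collected)
    raise NotSeededYet(f"only {len(collected)} of {SEED_BYTES} seed bytes")


def rollback_replays(drbg: HmacDrbg, nbytes: int = 16) -> bool:
    """Model a VM snapshot restore: a copy of the DRBG state yields the same
    output as the original, so two guests resumed from one snapshot share
    'random' values unless something reseeds them. Returns True when the
    streams coincide (the risk)."""
    snapshot = copy.deepcopy(drbg)
    return drbg.generate(nbytes) == snapshot.generate(nbytes)


def reseed_diverges(drbg: HmacDrbg, fresh_entropy: bytes, nbytes: int = 16) -> bool:
    """After restore, reseeding with fresh entropy breaks the shared stream.
    Returns True when the restored copy no longer matches the original."""
    snapshot = copy.deepcopy(drbg)
    snapshot.reseed(fresh_entropy)
    return drbg.generate(nbytes) != snapshot.generate(nbytes)


if __name__ == "__main__":
    # Constructed pool reads: four 8-byte chunks, just enough for one seed.
    pool = [bytes([i]) * 8 for i in range(4)]
    drbg = seed_at_startup(pool)
    print("after seeding, generate never blocks:", drbg.generate(8).hex())
    print("snapshot replays output:", rollback_replays(drbg))
    print("reseed diverges:", reseed_diverges(drbg, b"fresh entropy"))
    try:
        seed_at_startup([b"\x00" * 8])   # too little: this is the startup block
    except NotSeededYet as e:
        print("startup would block:", e)
```

The two helper functions are the practical point: with a once-seeded generator, the blocking question moves from "is there enough entropy for each read" to "was the state ever duplicated or restored", which is why a snapshot-aware reseed hook matters more than per-read blocking.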
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography