Subject: Re: In-kernel random number generator
To: Michael Graff <explorer@flame.org>
From: Perry E. Metzger <perry@piermont.com>
List: tech-kern
Date: 12/09/1998 11:05:23
Michael Graff writes:
> Simon Burge <simonb@telstra.com.au> writes:
> > Just a quick check - has work stalled on the in-kernel random number
> > generator?  I don't think I missed an announcement, but if it's ready
> > for the prime time, it should be uncommented out of the GENERIC kernels.
> 
> I feel it is, and wish it were.  However, Perry believes that we
> should instead use something based on Yarrow, but no one has
> volunteered to do the work.
> 
> I use the random generator all the time.  I see no problems with it,
> and I have tested it as much as I could, with the usual statistics.

Cryptography has the unfortunate property that something can "seem"
okay and be disastrous. Simple statistical tests don't tell you if an
RNG is good. Things can look fine until you get screwed one
morning. Good random numbers and awful ones look the same at first glance.

Yarrow is based on good, solid analysis that the folks at Counterpane
did. Our generator is based on several generations of
roll-your-own. That's why I keep pushing this with you in private.

Perry
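
An added illustration of the point Perry makes above (this is not code from the thread, and it is not NetBSD's generator): a toy 32-bit linear congruential generator that emits the top 16 bits of its state passes the usual frequency (monobit) and byte chi-square tests on 64 KiB of output, yet three consecutive outputs let an observer recover its full state by brute-forcing the hidden low 16 bits and predict every later output. The generator constants, the seed, and the 64 KiB sample are all constructed for the example.

```python
"""Added example: an RNG that looks fine statistically but is fully predictable.

Assumptions: a 32-bit LCG with the Numerical Recipes constants stands in for
"a generator"; it is a constructed toy, not the NetBSD in-kernel RNG.
"""
import math

M = 1 << 32            # modulus of the toy LCG (constructed)
A = 1664525            # multiplier (Numerical Recipes constants, constructed choice)
C = 1013904223         # increment
SEED = 0xC0FFEE42      # constructed seed; the attack below never needs it


class TruncatedLCG:
    """state <- A*state + C mod 2^32; emit only the top 16 bits each step."""

    def __init__(self, state: int) -> None:
        self.state = state % M

    def next16(self) -> int:
        self.state = (A * self.state + C) % M
        return self.state >> 16

    def bytes(self, n: int) -> bytes:
        out = bytearray()
        while len(out) < n:
            out += self.next16().to_bytes(2, "big")
        return bytes(out[:n])


def monobit_pvalue(data: bytes) -> float:
    """NIST SP 800-22 frequency (monobit) test: p-value for #ones vs #zeros."""
    n = len(data) * 8
    ones = sum(bin(b).count("1") for b in data)
    s_obs = abs(2 * ones - n) / math.sqrt(n)
    return math.erfc(s_obs / math.sqrt(2))


def byte_chi_square(data: bytes) -> float:
    """Chi-square statistic of the 256 byte-value frequencies (255 d.o.f.)."""
    expected = len(data) / 256
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return sum((c - expected) ** 2 / expected for c in counts)


def chi_square_critical(df: int, z: float = 2.326) -> float:
    """Wilson-Hilferty approximation of the chi-square quantile; z=2.326 is the
    one-sided 99% normal quantile, so this is the 1% rejection threshold."""
    k = 2.0 / (9.0 * df)
    return df * (1 - k + z * math.sqrt(k)) ** 3


def looks_random(data: bytes, alpha: float = 0.01) -> dict:
    """Run the two 'usual statistics' and say whether the data passes both."""
    p = monobit_pvalue(data)
    chi2 = byte_chi_square(data)
    crit = chi_square_critical(255)
    return {"monobit_p": p, "chi2": chi2, "chi2_critical": crit,
            "passes": p >= alpha and chi2 < crit}


def recover_state(observed: list) -> list:
    """Given >= 3 consecutive 16-bit outputs, brute-force the 16 hidden low bits
    of the state that produced observed[0] and keep every candidate consistent
    with the remaining outputs. Returns the possible states after the last
    observed output (with 3 observations a spurious survivor is ~2^-16 likely)."""
    candidates = []
    for low in range(1 << 16):
        s = (observed[0] << 16) | low
        consistent = True
        for o in observed[1:]:
            s = (A * s + C) % M
            if s >> 16 != o:
                consistent = False
                break
        if consistent:
            candidates.append(s)
    return candidates


def predict(state: int, n: int) -> list:
    """Replay the generator from a recovered state to get its next n outputs."""
    g = TruncatedLCG(state)
    return [g.next16() for _ in range(n)]


SAMPLE = TruncatedLCG(SEED).bytes(65536)   # constructed 64 KiB of output


def demo() -> dict:
    """Statistics pass; three outputs suffice to predict the next five."""
    stats = looks_random(SAMPLE)
    g = TruncatedLCG(SEED)
    seen = [g.next16() for _ in range(3)]
    cands = recover_state(seen)
    actual = [g.next16() for _ in range(5)]
    predicted = [predict(s, 5) for s in cands]
    return {"stats": stats, "recovered": cands, "actual": actual,
            "predicted": predicted, "attack_works": actual in predicted}


if __name__ == "__main__":
    r = demo()
    print("statistics pass:", r["stats"]["passes"], r["stats"])
    print("next 5 outputs :", r["actual"])
    print("predicted      :", r["predicted"])
```

The statistical half is what "the usual statistics" can see: bit balance and byte frequencies. The second half is what they cannot: the output leaks 16 of 32 state bits directly and the rest fall to a 2^16 search, so anyone who reads three values from the device knows every value after them. Yarrow-style designs get their assurance from the analysis of how entropy is gathered and mixed, not from output tests, which is the distinction the message above draws.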