Subject: RE: replace kernel random number function
To: None <firstname.lastname@example.org>
From: Stefan Hülbrock <email@example.com>
Date: 10/23/2000 15:50:24
I'd prefer it to run in the kernel because there a random pool
can be gathered from the interrupts...
Surely this pool needs to be hashed before data is delivered
to the user process.
Did anyone take a look at the Linux kernel driver (sorry for this)?
It looks very promising to me. I guess a similar concept can be
built into NetBSD also. (Or can someone point out what
the problems connected to this are?)
Have a nice day...
> In message <firstname.lastname@example.org>, email@example.com writes:
> >>Where will you get the seeds? That's the really hard part.
> > I thought of reseeding by rnd(4) random number device, like
> > every N seconds.
> >>The right thing to do would be to port yarrow (see www.counterpane.com,
> >>though I don't have the link available just now and I'm offline when
> >>writing this). Unfortunately, it's filled with lots of DLL-ish things.
> > Hmm, I'm sure we can strip DLL-ish part off.
> The point of yarrow is to do that reseeding in a cryptographically
> sound way. (I'd frankly rather it ran in user space, of course.)
> --Steve Bellovin