Subject: Re: CVS commit: syssrc/sys/dev/ic
To: Wolfgang Rupprecht <>
From: gabriel rosenkoetter <>
List: tech-kern
Date: 11/09/2001 19:11:13
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Nov 09, 2001 at 11:34:04AM -0800, Wolfgang Rupprecht wrote:
> Would pushing the "would-be entropy" through a crypto-system make it
> non-predictable enough to prevent such attacks?  Eg. if the
> inter-arrival time of packets was used to fill up an entropy pool and
> the fear was that someone could stuff the pool with known data then
> could running all the data through des/blowfish etc in some chained
> feedback mode put a real crimp in their style? =20

Neat idea. But isn't the point of passively collecting entropy for
/dev/random that it's passive? I mean, running all that passively
collected data through blowfish is going to cost you some
processor... and a significant percentage of processor on slower
machines (many of which we support).

       ~ g r @

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see