Re: FreeBSD rnd bug

To: Fredrik Pettai <pettai%nordu.net@localhost>
Subject: Re: FreeBSD rnd bug
From: Taylor R Campbell <campbell+netbsd-tech-security%mumble.net@localhost>
Date: Fri, 20 Feb 2015 13:55:43 +0000

   Date: Fri, 20 Feb 2015 12:24:14 +0100
   From: Fredrik Pettai <pettai%nordu.net@localhost>

   Are there any (continues) selftests performed on the data that
   comes out of fast/strong?

Yes, for cprng_strong.  However, statistical tests on the output of a
cryptographic PRNG will not detect failure to seed it.  They will
detect only catastrophic bugs in the PRNG itself.  (They will also
sometimes spuriously fire, as is the nature of statistical tests on
uniform random data.)

Follow-Ups:
- Re: FreeBSD rnd bug
  - From: J. Lewis Muir

References:
- Re: FreeBSD rnd bug
  - From: Fredrik Pettai

Prev by Date: Re: FreeBSD rnd bug
Next by Date: Re: FreeBSD rnd bug
Previous by Thread: Re: FreeBSD rnd bug
Next by Thread: Re: FreeBSD rnd bug
Indexes:

Home | Main Index | Thread Index | Old Index