Re: FreeBSD rnd bug

To: tech-security%NetBSD.org@localhost
Subject: Re: FreeBSD rnd bug
From: "J. Lewis Muir" <jlmuir%imca-cat.org@localhost>
Date: Fri, 20 Feb 2015 09:41:48 -0600

On 2/20/15 7:55 AM, Taylor R Campbell wrote:
> Yes, for cprng_strong.  However, statistical tests on the output of
> a cryptographic PRNG will not detect failure to seed it.  They will
> detect only catastrophic bugs in the PRNG itself.  (They will also
> sometimes spuriously fire, as is the nature of statistical tests on
> uniform random data.)

See Dilbert's tour of accounting:

  http://dilbert.com/strip/2001-10-25

:-)

Lewis

Follow-Ups:
- Re: FreeBSD rnd bug
  - From: Alexander Nasonov
- Re: FreeBSD rnd bug
  - From: Patrick Welche

References:
- Re: FreeBSD rnd bug
  - From: Taylor R Campbell

Prev by Date: Re: FreeBSD rnd bug
Next by Date: Re: FreeBSD rnd bug
Previous by Thread: Re: FreeBSD rnd bug
Next by Thread: Re: FreeBSD rnd bug
Indexes:

Home | Main Index | Thread Index | Old Index