> Perhaps someone on this list with more knowledge of cryptography can
> explain why using SHA by itself is not sufficient.

If you run out of entropy, then there is (at least in theory) a possibility that if an attacker knows the previous output (say from a random number recently generated) then he might find correlation effects that make further states more guessable. For the current use of EntropyPool, it almost certainly doesn't matter. But if we start generating session keys for block ciphers in the future, it probably *isn't* sufficient.

This is especially a problem in the freenet server, since we don't have access to system level entropy (such as interrupts). We have to make do with a relatively small number of non-deterministic events (currently, time between requests for random numbers, time taken to transfer a message).

I certainly would agree with the argument that Yarrow is overkill, however.

Scott

_______________________________________________
Freenet-dev mailing list
Freenet-dev at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
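An added illustration of the point made above (this is not code from the thread or from Freenet's EntropyPool; `HashPool`, the sample timings and the entropy credit are constructed for the example): a SHA-1 pool produces identical output whenever it has absorbed identical events, so the unpredictability of its output is bounded by the min-entropy of the event source, not by the hash. The helper estimates that min-entropy from quantised inter-request gaps and counts how many such events are needed before a 128-bit session key could reasonably be drawn.

```python
import hashlib
import math
from collections import Counter


class HashPool:
    """Toy SHA-1 entropy pool, constructed for this example (not Freenet's EntropyPool).
    Events are folded into a 160-bit state by hashing; outputs are derived from the state."""

    def __init__(self):
        self.state = b"\x00" * 20
        self.credit = 0.0  # estimated entropy bits collected but not yet spent

    def add_event(self, data: bytes, est_bits: float) -> None:
        self.state = hashlib.sha1(self.state + data).digest()
        self.credit = min(160.0, self.credit + est_bits)

    def next_bytes(self, n: int = 20) -> bytes:
        out = hashlib.sha1(b"out" + self.state).digest()[:n]
        self.state = hashlib.sha1(b"ratchet" + self.state).digest()
        self.credit = max(0.0, self.credit - 8 * n)  # drawing output spends credit
        return out


def min_entropy_bits(samples) -> float:
    """Min-entropy -log2(p_max) of an observed event source, e.g. quantised request gaps."""
    counts = Counter(samples)
    return -math.log2(max(counts.values()) / len(samples))


def events_needed(bits_per_event: float, target_bits: int = 128) -> int:
    """How many events must be mixed in before target_bits of entropy are credited."""
    return math.ceil(target_bits / bits_per_event)


def seeded_outputs_match(events) -> bool:
    """Two pools fed identical events yield identical output: if the event sequence
    can be reproduced, the SHA step contributes no unpredictability of its own."""
    a, b = HashPool(), HashPool()
    for ev in events:
        a.add_event(ev, 1.0)
        b.add_event(ev, 1.0)
    return a.next_bytes() == b.next_bytes()


# Constructed timing samples: request gaps in ms, quantised to 10 ms buckets.
CLUSTERED = [50, 50, 50, 60, 50, 50, 40, 50]  # mostly idle server, gaps predictable
SPREAD = [10, 20, 30, 40, 50, 60, 70, 80]     # every bucket distinct
```

With the clustered gaps each event is worth well under one bit, so hundreds of events are needed per 128-bit key; with the spread gaps about 43 suffice.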