Hello Juan! > why is it a > problem that ECL reads the amount of bytes that it reads now? Because the default pool in linux is 4kB (IIRC), so half of the 8kB that are read is pseudo-randomly generated anyway, and a different half is discarded by the "& 0xffffffff" line; so 8kB are read, but only 2kB of entropy are used.
The second problem is that the entropy that existed here gets _removed_ from the kernel pools; so every time ECL is started the pool is effectively emptied, which is a problem if there are other users that need entropy (SSL server, GPG usage, etc.) - because they might get blocked reading /dev/random, waiting for more entropy to accumulate. > And how does > reading less bytes provide the same initial entropy to the RNG? The ECL RNG will get _less_ entropy, of course. But the 16 bytes in my patch should be more than sufficient for normal use; and for real cryptographic needs (RSA/DSS/AES keys etc.) you should need /dev/random anyway, not some PRNG. Regards, Phil [forgot to sent to list] ------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1 _______________________________________________ Ecls-list mailing list Ecls-list@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecls-list
