On Fri, Dec 24, 2010 at 1:53 AM, Marsh Ray <ma...@extendedsubset.com> wrote: > ... > So there are these many hundreds of lines of entropy management code in > OpenBSD implementing what is claimed to be a novel architecture for random > number generation and yet this guy, who is going around giving talks on it, > is expecting someone else to quantify it and "come forward with a paper"?
given the OpenBSD architecture and entropy consumption the performance and characteristics of random number generation and use is very context and architecture specific. while i agree this guy should have access to either his own or remotely accessible compatibility test cluster, he clearly is lacking applied test and measurement with sufficient detail "for a paper". in any case, did i mention good entropy is hard? :) > The burden of proof lies with the "amateur cryptographers" making the > security claims about it, not those questioning them. sure. perhaps the most frequent misconception is the model around entropy consumption in OpenBSD vs. most other unix and windows variants. OpenBSD in particular assumes significant and sustained use of random numbers in across kernel and userspace domains. this is a distinction conveniently negligible if you've got fast true random hardware entropy sources available. speaking of Cassandra complex, coming up on a decade of hw entropy advocacy [0] and still about the same level of progress as IPv6 core deployment... how many of you have a competent userspace entropy daemon funneling hardware sources into host pool? *grin* 0. VIA Padlock C5XL, C5P XSTORE http://www.mail-archive.com/openssl-dev@openssl.org/msg18264.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
