2010/12/21 Theo de Raadt <dera...@cvs.openbsd.org>: > HANG ON. > > Go look at the function random_seed() in /usr/src/etc/rc > Then look at when it is called.
so, the current state of the PRNG will be preserved during reboots. Good. That gives some information about system entropy, which will be "good" at all times, except for the very first boot of an installation. See : rnd.c: randomwrite() -> add_entropy_words(); However, arc4_stir will still be called once after every reboot. During its first call, the value of nanotime() will be placed at the beginning of buf, which is then beeing used to init the rc4 context. So, at the first glance it looks like using the value of nanotime() in arc4_stir is not necessary at all, as there will allways be enough system entropy. At least I would XOR the value of nanotime() to buf, instead of just prepending it. MD5 and the like does not seem to be necessary, as buf will allways contain some good random data. Reagards Kurt Knochner http://knochner.com/