svn commit: r239569 - head/etc/rc.d
David O'Brien
obrien at FreeBSD.org
Tue Sep 11 20:09:27 UTC 2012
On Tue, Sep 11, 2012 at 08:53:02PM +0100, RW wrote:
> On Tue, 11 Sep 2012 13:28:51 +0200 Dag-Erling Smørgrav wrote:
> > so none of it is discarded. My gut feeling is that compression is
> > better than hashing for that purpose,
>
> It's analogous to a passphrase, have you ever heard of a
> passphrase being compressed rather than hashed?
>
> The only good reason for compression is if compression+hashing is
> faster than hashing, and that sounds unlikely.
Good to see someone have thoughts on this.
I've only seen it stated that entropy passes thru mostly "untouched" thru
a cryptographic hash in the literature. I haven't seen anything mentioned
about entropy thru a compression algorithm other than as an estimation
of entropy.
> You all seem to be making very heavy weather of this - all that's needed
> is to pass the low-grade stuff through a hash of your choice and then
> follow that with the entropy file to fill-up the remaining 4k.
Or fill-up the 4k buffers with high-quality entropy, and add in the
low-grade stuff if there is room.
--
-- David (obrien at FreeBSD.org)
More information about the freebsd-security
mailing list