Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
RW
rwmaillists at googlemail.com
Sun Sep 16 23:46:31 UTC 2012
On Sun, 16 Sep 2012 17:21:21 +0100
Mark Murray wrote:

> Part 3 will be the addition of another choice of software PRNG;
> Fortuna. Fortuna is MUCH more resilient to attack,

Fortuna is much more resilient to types of attack that're probably
never going to happen.

Potentially Fortuna could be much worse against real world attacks
because it spreads the entropy very thinly across the 32 (or more)
pools. During the boot most entropy will go into pools that won't
contribute until it's too late to be of use.

I think Fortuna has a lot of merit, but it needs to be modified to be
practical as a UNIX /dev/random. For example instead of looping each
entropy source around the 32 pools, just loop up to the first pool that
has never been consumed.
More information about the freebsd-security
mailing list
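
An added illustration, not part of the original message and not FreeBSD code: a small simulation of Fortuna's pool schedule (pool i joins reseed number r when 2^i divides r), comparing round-robin over all 32 pools with one reading of the modification suggested in the message. The fixed reseed interval, the one bit credited per event, the `limit_to_unconsumed` flag and the exact reading of the suggestion are assumptions made for the example.

```python
NUM_POOLS = 32


def pools_for_reseed(r, num_pools=NUM_POOLS):
    """Fortuna schedule: pool i joins reseed number r (1-based) when 2**i divides r."""
    return [i for i in range(num_pools) if r % (1 << i) == 0]


def simulate(events, events_per_reseed, bits_per_event=1.0, limit_to_unconsumed=False):
    """Return cumulative entropy (bits) handed to the generator after each reseed.

    limit_to_unconsumed=False: events cycle over all pools (standard Fortuna).
    limit_to_unconsumed=True:  events cycle over pools 0..m, where m is the first
    pool that has never been used in a reseed (assumed reading of the suggestion).
    Reseeding every `events_per_reseed` events is a simplification; real Fortuna
    reseeds on a pool-0 size threshold plus a minimum time interval.
    """
    pools = [0.0] * NUM_POOLS
    consumed = [False] * NUM_POOLS
    delivered, reseeds, cursor = 0.0, 0, 0
    history = []
    for n in range(1, events + 1):
        if limit_to_unconsumed and False in consumed:
            span = consumed.index(False) + 1
        else:
            span = NUM_POOLS
        pools[cursor] += bits_per_event
        cursor = (cursor + 1) % span  # span only grows, so cursor stays in range
        if n % events_per_reseed == 0:
            reseeds += 1
            for i in pools_for_reseed(reseeds):
                delivered += pools[i]
                pools[i] = 0.0
                consumed[i] = True
            history.append(delivered)
    return history


if __name__ == "__main__":
    # Constructed workload: 256 events, a reseed every 32 events.
    std = simulate(256, 32)
    mod = simulate(256, 32, limit_to_unconsumed=True)
    print("reseed  collected  all-32-pools  up-to-first-unconsumed")
    for k, (a, b) in enumerate(zip(std, mod), start=1):
        print(f"{k:6d}  {k * 32:9d}  {a:12.0f}  {b:22.0f}")
```

With these assumptions the first reseed carries 1 of the 32 bits collected under the standard distribution and all 32 under the modified one; the higher-numbered pools that Fortuna relies on for recovery from state compromise fill correspondingly later in the modified variant.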