> I dunno about you, but I want good random for session keys too! You can
> still capture network traffic and decrypt at your leisure if you can
> determine what "random" number was used in making the session key.
That's why the pool is hashed before use. Modulo the seeding issue,
there is an implicit assumption in this argument that EITHER the
hash is breakable, OR we might as well scrap the entropy stuff entirely
and never block and speed up lots of applications that occasionally
block as a byproduct. The position that the hash is unbreakable
and never will be breakable, BUT we still need to block, is only
tenable in the context of initial seeding (AFAICS).
-- Alex Bligh
This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:44 EST