Re: RFP: egd -- Entropy Gathering Daemon - userspace /dev/random written in perl
On Thu, May 02, 2002 at 06:32:56AM +0200, Robert Millan wrote:
> "EGD is an Entropy Gathering Daemon meant to be used on systems that can run
> GPG but which don't have this [/dev/random] convenient source of random bits."
hat might be what it claims to be, but it is still useful outside of
this context.
> This is not really useful on GNU/Linux. It would be useful on GNU for some
> time untill we have a complete random translator, but that translator
> gathering entropy from EGD makes the whole process slower.
It can be used on GNU/Linux to generate fairly good randomness without
draining the system random pool. One defect in the Linux random
implementation is that both urandom and random drain the same entropy
pool. If you don't need strong cryptographic random, you don't need
the secureness of /dev/random, but using /dev/urandom is basically a DoS
attack on /dev/random (bringing programs like gpg to their knees wrt
entropy).
> Why not just looking at EGD's sources to learn where does it take
> entropy from and incorporating that features to the translator?
It doesn't belong there. The translators job is only to mix together
the entropy sources and provide a stream of random numbers. It will
use (eventually) libchannel to access various sources, like the Mach
device, or the egd fifo, but it will not implement such sources itself.
(I might reconsider that, but I really don't see a need).
Thanks,
Marcus
--
To UNSUBSCRIBE, email to debian-hurd-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: