[talk] FreeBSD RNG issue on -current only

Isaac (.ike) Levy ike at blackskyresearch.net
Tue Feb 17 21:42:53 EST 2015


On 02/17/15 21:00, George Rosamond wrote:
> Isaac (.ike) Levy:
>>
>> On February 17, 2015 03:12:24 pm EST, "George Rosamond"
>> <george at ceetonetechnology.com> wrote:
>>
>>> Mark Saad:
>>>>
>>>>
>>>> On 02/17/15 13:28, Brian Callahan wrote:
>>>>> Just in case anyone is running a recent FreeBSD -current:
>>>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html
>>>>>
>>>>
>>>> They also had to create keys in that said version. This also doesn't not
>>>> effect any release.
>>>
>>> Yes, it's current and all, and that should be made clear, but
>>> nevertheless it's disturbing.
>>>
>>> Isn't there some automated way to check and recheck entropy from output,
>>> instead of solely relying on the code?  Obviously, it couldn't find
>>> highly unlikely collisions, etc., but at least discover the most ugly
>>> instances?  Yes.. probably would require a lot of CPU...
>>>
>>> g
>>
>> I'm by no means an authority- but wouldn't testing using a tool like
>> ent(8) do the job, crudely even?
>>
>> http://www.fourmilab.ch/random/
>
> That's a cool tool... don't know why I hadn't seen it before.
>
> Anyone use it before?
>
> Seems useful for testing password entropy, at least.
>
> g

I first found it in a Calomel article,

https://calomel.org/entropy_random_number_generators.html

(I hear Bcallah loves these guys? ;)

Anyhow, fun article- but I'm no authority, and RNG is obviously a 
serious topic- so I don't want to pretend to suggest this as though it's 
an authoritative resource.

Best,
.ike





More information about the talk mailing list