[Cryptech Tech] Avalanche noise test boards
Joachim Strömbergson
joachim at secworks.se
Sun Aug 24 15:02:52 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Benedikt Stockebrand wrote:
> My point is not that Fortuna should be used these days, but that
> anybody still using Yarrow ten years after a significantly improved
> successor has been published is obviously not keeping up with current
> advances in the area.
Because Yarrow is deemded to be good enough?
Other OSes uses or has been using much more suspect, ad hoc and less
well designed algorithms than FreeBSD with Yarrow.
I agree with you that Fortuna seems to be a much better algorithm. And
esp the entropy estimation part of Yarrow is troublesome. This paper
gives a good boost for Fortuna:
https://www.schneier.com/blog/archives/2014/03/the_security_of_7.html
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJT+f6cAAoJEF3cfFQkIuyNRU0P/2oFcuy5fFj++iCikV2Dyi6p
3Kp0yRP+ziU90B8GDDuDFwwZ7HFcN7afNrNFY0eLbN3LIooh/PnC9JssvMuj5QZ9
teGybqQzcdLUV2cuErl/A0FiSr1US9CK1BO9F6xwpF7n5XH+epgbtOvFk1H73LDF
FHDXZGTl23nz95qKNJkzIhyRMDJzRs8r61v9Srn50LPI70/DytuB9fJEXOnIPfPt
PD0UuN1RsdqGBDPIohXYDwdwghsw0a2WaJooK8b+ETAApjtFFNvQi4VGyd30iye0
2LyB6oLg7Xw6fYKGQPnGPv9bLHcunEc0aQ5wFSItIYjs7x6RypDtDirXaRKMDnAH
gz1DhjNAb9/K5HmzABrGrqIvEVRWg3DCxz95/dd9aNYgpRNO8Lws8hjdydEY2cx4
7RjsltjquU6sx8JVyXc8/uL6i5r3sPguSjkYMAA4ZCIBzZp4HMSTA9CL6th7BlyK
EAaruKrifuxLyPxo3Zbz+j8OcOVCw6Ku3oIsgIoUiW1xxja6io6xrASllTG27zIq
cBuewJCg8r2urZRKmRfL+NgVvclWH6LJIabyKG9f30aMGgosOUVUx/FGpqFmuigS
68ISw7doF6rlAaKvEqqFIoWSmEgZem1MysJuK9NtFehyMRg/QnAKcnPNk9ru7nkF
DS09QUIAxE015svOOz8e
=/ln6
-----END PGP SIGNATURE-----
More information about the Tech
mailing list