[Cryptech Tech] Avalanche noise test boards
Benedikt Stockebrand
bs at stepladder-it.com
Fri Aug 29 11:27:07 UTC 2014
Hi Joachim and list,
Joachim Strömbergson <joachim at secworks.se> writes:
> Aloha!
>
> Benedikt Stockebrand wrote:
>> My point is not that Fortuna should be used these days, but that
>> anybody still using Yarrow ten years after a significantly improved
>> successor has been published is obviously not keeping up with current
>> advances in the area.
>
> Because Yarrow is deemed to be good enough?
Yes, but does that really make sense? The authors of Yarrow decided
that it had serious enough drawbacks to make them spend significant time
to develop a new design, so that's a pretty strong indication that there
*are* serious issues, and possibly more than the people "just"
implementing it may realize. And after ten years there's little reason
to assume that there are any teething problems to deal with.
This "it's good enough until it actually blows up in my face" attitude
is really dangerous, no matter how popular...
> Other OSes use or have been using much more suspect, ad hoc and less
> well designed algorithms than FreeBSD with Yarrow.
Fair enough, but if you want to do something properly that's not the
direction you should look for references.
> I agree with you that Fortuna seems to be a much better algorithm. And
> esp the entropy estimation part of Yarrow is troublesome. This paper
> gives a good boost for Fortuna:
>
> https://www.schneier.com/blog/archives/2014/03/the_security_of_7.html
I'll take a look at it first chance I get (currently I'm sitting in a
train and only have intermittent Internet access at best).
Cheers,
Benedikt
--
Benedikt Stockebrand, Stepladder IT Training+Consulting
Dipl.-Inform. http://www.stepladder-it.com/
Business Grade IPv6 --- Consulting, Training, Projects
BIVBlog---Benedikt's IT Video Blog: http://www.stepladder-it.com/bivblog/
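The thread's technical point is that Fortuna removes the entropy estimation Yarrow depends on: incoming events are spread round-robin over 32 pools, and reseed number k drains exactly those pools i for which 2^i divides k, so slow pools eventually hold enough unknown input even when an attacker controls most sources. The Python model below is an added example, not code from the original message, from Cryptech or from FreeBSD; it keeps the pool schedule and the SHA-256d key update of the published design but, as a simplification, replaces the AES-CTR generator and the 100 ms reseed rate limit with a plain "pool 0 has seen MIN_POOL_SIZE bytes" check. The pool and byte sizes are the design's constants; the sample events are constructed.

```python
import hashlib
from typing import List

NUM_POOLS = 32        # Fortuna's 32 entropy pools
MIN_POOL_SIZE = 64    # bytes that must reach pool 0 before a reseed is allowed


def pools_for_reseed(counter: int) -> List[int]:
    """Pool i is drained into reseed number `counter` exactly when 2**i divides counter.

    Pool 0 is used every time, pool 1 every second time, pool 2 every fourth,
    and so on; this fixed schedule replaces Yarrow's per-source entropy estimation.
    """
    if counter < 1:
        raise ValueError("reseed counter starts at 1")
    return [i for i in range(NUM_POOLS) if counter % (1 << i) == 0]


class FortunaAccumulator:
    """Simplified Fortuna accumulator (added example): pools are running SHA-256
    hashes and the generator key is updated as SHA-256d(K || seed). The AES-CTR
    output generator and the reseed rate limit of the real design are omitted."""

    def __init__(self) -> None:
        self.pools = [hashlib.sha256() for _ in range(NUM_POOLS)]
        self.pool0_bytes = 0       # bytes fed to pool 0 since the last reseed
        self.next_pool = 0         # round-robin pointer for incoming events
        self.reseed_counter = 0
        self.key = bytes(32)       # generator key; all-zero until the first reseed

    def add_event(self, source_id: int, data: bytes) -> int:
        """Append one event to the next pool in round-robin order; returns the pool used.

        No attempt is made to judge how much entropy `data` carries.
        """
        if not 0 <= source_id < 256 or not 1 <= len(data) <= 32:
            raise ValueError("source id must fit a byte, event data must be 1..32 bytes")
        pool = self.next_pool
        self.pools[pool].update(bytes([source_id, len(data)]) + data)
        if pool == 0:
            self.pool0_bytes += 2 + len(data)
        self.next_pool = (pool + 1) % NUM_POOLS
        return pool

    def ready_to_reseed(self) -> bool:
        """True once pool 0 has accumulated MIN_POOL_SIZE bytes."""
        return self.pool0_bytes >= MIN_POOL_SIZE

    def reseed(self) -> List[int]:
        """Fold the scheduled pools into the key and reset them; returns the pools used."""
        self.reseed_counter += 1
        used = pools_for_reseed(self.reseed_counter)
        seed = b"".join(self.pools[i].digest() for i in used)
        for i in used:
            self.pools[i] = hashlib.sha256()
        self.key = hashlib.sha256(hashlib.sha256(self.key + seed).digest()).digest()
        self.pool0_bytes = 0
        return used


def reseed_schedule(num_reseeds: int) -> List[List[int]]:
    """Which pools feed each of the first `num_reseeds` reseeds."""
    return [pools_for_reseed(k) for k in range(1, num_reseeds + 1)]


if __name__ == "__main__":
    acc = FortunaAccumulator()
    events = 0
    while not acc.ready_to_reseed():
        # constructed 1-byte events from a single source
        acc.add_event(source_id=1, data=bytes([events & 0xFF]))
        events += 1
    print(f"first reseed after {events} events, pools used: {acc.reseed()}")
    for k, used in enumerate(reseed_schedule(8), start=1):
        print(f"reseed {k}: pools {used}")
```

Running it shows pool 0 driving every reseed while pool 5, say, is only touched at reseeds 32, 64, ...; an attacker who can predict the fast pools still has to guess all the input that went into a slow pool since it was last drained.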