Board: FB_security
Subject: Re: [PATCH RFC] Disable save-entropy in jails
Posted from: NCTU CS FreeBSD Server (Thu Dec 26 02:46:11 2013)
Relayed via: ptt!csnews.cs.nctu!news.cednctu!FreeBSD.cs.nctu!.POSTED!freebsd.org!ow

On Tue, 24 Dec 2013 16:04:53 -0800
Xin Li wrote:

> When reading from /dev/random, one essentially consumes entropy that
> is fed into the random device, and eventually it would cause a reseed.

Reads don't trigger reseeds in Yarrow. And both Yarrow and Fortuna are
designed so this isn't a problem. In any case reads that aren't under
the control of an unprivileged attacker make it harder to perform a
state-extension attack, not easier.

This kind of thing shouldn't be an issue for any non-blocking random
device that isn't quite badly broken. If it were, it would be better to
fix the device.