Board: FB_security
Subject: Re: Proposed fix; stage 1 (Was: svn commit: r239569 - head/etc/rc.d)
Posted from: NCTU CS FreeBSD Server (Mon Sep 17 08:46:26 2012)
On Sun, 16 Sep 2012 17:21:21 +0100
Mark Murray wrote:
> Part 3 will be the addition of another choice of software PRNG;
> Fortuna. Fortuna is MUCH more resilient to attack,
Fortuna is much more resilient to types of attack that're probably
never going to happen.
Potentially Fortuna could be much worse against real world attacks
because it spreads the entropy very thinly across the 32 (or more)
pools. During the boot most entropy will go into pools that won't
contribute until it's too late to be of use.
I think Fortuna has a lot of merit, but it needs to be modified to be
practical as a UNIX /dev/random. For example instead of looping each
entropy source around the 32 pools, just loop up to the first pool that
has never been consumed.
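The pool-scheduling concern in the message above, as an added simulation that is not part of the original post and not FreeBSD code. It assumes every event carries one unit of entropy and that a reseed fires whenever pool 0 holds min_pool0 events (real Fortuna also rate-limits reseeds); the "adaptive" mode is one reading of the suggestion to loop only up to the first pool that has never been consumed.

```python
N_POOLS = 32  # pool count named in the post

def simulate(n_events, min_pool0=4, adaptive=False):
    """Feed n_events unit-entropy events; return (fed, stranded, reseeds).

    fed      = units that reached the generator through a reseed
    stranded = units still sitting in pools, not yet used
    """
    pools = [0] * N_POOLS
    consumed = [False] * N_POOLS   # has pool i ever been drained?
    fed = reseeds = cursor = 0
    for _ in range(n_events):
        if adaptive:
            # The post's suggestion, as read here: cycle only over
            # pools 0..k, k being the first pool never yet consumed.
            k = next((i for i, c in enumerate(consumed) if not c), N_POOLS - 1)
            limit = k + 1
        else:
            limit = N_POOLS        # classic Fortuna: cycle over all pools
        cursor %= limit
        pools[cursor] += 1
        cursor += 1
        # Assumed reseed trigger: pool 0 holds min_pool0 events.
        if pools[0] >= min_pool0:
            reseeds += 1
            for i in range(N_POOLS):
                if reseeds % (1 << i):   # pool i joins only if 2**i divides the count
                    break
                fed += pools[i]
                pools[i] = 0
                consumed[i] = True
    return fed, sum(pools), reseeds

if __name__ == "__main__":
    # 256 constructed boot-time events, one unit each
    for label, flag in (("classic", False), ("adaptive", True)):
        fed, stranded, reseeds = simulate(256, adaptive=flag)
        print(f"{label:8s} fed={fed:3d} stranded={stranded:3d} reseeds={reseeds}")
```

The adaptive mode also reseeds more often, because pool 0 fills faster when fewer pools share the input.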