This is the mail archive of the cygwin@sourceware.cygnus.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: /dev/random


Daniel Probst wrote:
> 
> The cygwin implementation seems to be based on the MS Crypto API. Is this
> right?
> Well this is certainly better than no /dev/random, but I do feel uneasy
> about using it for crypto purposes.
> Why didn't one choose another entropy generator? Was it purely time/priority
> considerations? How about the Bruce Shneier (Counterplane) open-source
> YARROW module.
> -dan

The MS Crypto API provides the entropy generation by no
extra cost. Why not using already existing APIs? As far
as you can't _prove_ that the MS entropy generator doesn't
pass Chi^2 or similar tests, I'm not willing to implement
code which is already provided by the system.

Or shall I assume that you're feeling uneasy only because
the API is provided by MS?


Here (as always) the following is valid:

	Patches are gratefully accepted.

-- 
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]