This is the mail archive of the
cygwin@sourceware.cygnus.com
mailing list for the Cygwin project.
Re: /dev/random
- To: Daniel Probst <daniel dot probst at vwl dot uni-mannheim dot de>
- Subject: Re: /dev/random
- From: Corinna Vinschen <corinna at vinschen dot de>
- Date: Wed, 24 May 2000 09:49:33 +0200
- CC: cygwin at sourceware dot cygnus dot com
- References: <002501bfc549$7d19f1c0$c85a9b86@vwl.unimannheim.de>
- Reply-To: cygwin <cygwin at sourceware dot cygnus dot com>
Daniel Probst wrote:
>
> The cygwin implementation seems to be based on the MS Crypto API. Is this
> right?
> Well this is certainly better than no /dev/random, but I do feel uneasy
> about using it for crypto purposes.
> Why didn't one choose another entropy generator? Was it purely time/priority
> considerations? How about the Bruce Shneier (Counterplane) open-source
> YARROW module.
> -dan
The MS Crypto API provides the entropy generation by no
extra cost. Why not using already existing APIs? As far
as you can't _prove_ that the MS entropy generator doesn't
pass Chi^2 or similar tests, I'm not willing to implement
code which is already provided by the system.
Or shall I assume that you're feeling uneasy only because
the API is provided by MS?
Here (as always) the following is valid:
Patches are gratefully accepted.
--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company
--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe@sourceware.cygnus.com