Quality of PRNGD

Gordon Worley redbird@rbisland.cx
Thu Sep 13 15:29:01 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 10:00 AM +0200 9/13/01, Werner Koch wrote:

>On Wed, 12 Sep 2001 16:52:21 -0400, Gordon Worley said:
>
>> Recently someone made me aware of PRNGD. The Web site claims that it
>> is better than EGD and gives reasons. I was wondering if anyone else
>> here had used it and the quality of the RNG (realizing, of course,
>
>There is a huge difference between a RNG and a PRNG. If you ever get
>hands on on (internal) state of the PRNG you can recompute all pother
>states and predict the random numbers given. For certain algorithms
>you definitely want better unpredictable random.
>
>And EGD has to block if it seems that there is not enough entroy in
>the system.
Okay, but, if I understand correctly, EGD is also a PRNG, or maybe I'm missing something? And, yes, from what I can tell EGD blocking is, for sure, a good thing in terms of gathering entropy, even though I guess in openssh it's not (I've been pointed at some discussion they've had about this). Put, putting my misuse of terminology aside, I guess what you're saying is that EGD is better suited for use with GnuPG than PRNGD is, even if EGD could use an improvement or two from what the PRNGD documentation is claiming about EGD basically failing to look at sources of entropy anymore (but I'm guessing in those cases it completely blocks, or so I hope). - -- Gordon Worley `When I use a word,' Humpty Dumpty http://www.rbisland.cx/ said, `it means just what I choose redbird@rbisland.cx it to mean--neither more nor less.' PGP: 0xBBD3B003 --Lewis Carroll -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> Comment: keyserver http://pgpkeys.mit.edu:11371 iQA/AwUBO6C0HW7zd/e707ADEQJURwCgsB19hBNxZ1Fxr5OUZfZqO+0zRwwAn0m2 xXDBuOxMIuWR0YIWAXxbEXff =4sM6 -----END PGP SIGNATURE-----