ghudson at MIT.EDU
Wed Feb 23 11:49:40 EST 2011
Based on discussion last September, I've written up a project proposal
for changes to the PRNG logic in krb5, and started a one-week review:
The basic proposed steps are:
* Rewrite the Fortuna PRNG implementation and make it the default.
* Immediately reseed the Fortuna generator on OSRAND and TRUSTEDPARTY
entropy inputs; other inputs go into the accumulator pools.
* Make the Fortuna PRNG fail out if it can't productively seed its
generator (this shouldn't ever happen if it's possible to get OS
* Drop the Yarrow PRNG implementation.
* Add a PRNG implementation which just gathers OS entropy.
* Eliminate some of the calls to add entropy inputs where they are not
needed or useful.
More information about the krbdev