Ian Turner writes: > > Can be so easy to DoS cryptographic software? > > Yes. If you don't trust your users to not deplete the entropy, then don't > give them permission to read it. An intermediate possibility is to have multiple RNGs with multiple sources of entropy, or multiple RNGs with entropy divided among them somehow, or a single RNG which enforces a reasonable policy of some sort when multiple processes want to access it at once. Modern multiuser operating systems have solved all _kinds_ of problems around concurrency and dealing with contention over a shared resource. There is no reason that they should not be able to do exactly the same thing for an entropy pool, if it becomes an issue. -- Seth David Schoen <schoenat_private> | And do not say, I will study when I Temp. http://www.loyalty.org/~schoen/ | have leisure; for perhaps you will down: http://www.loyalty.org/ (CAF) | not have leisure. -- Pirke Avot 2:5
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:33:48 PDT