Linux-based wireless mesh suite adds crypto engine support

Ben Laurie ben at
Wed Oct 6 08:39:39 EDT 2004

John Gilmore wrote:
> Crypto hardware that generates "random" numbers can't be tested in
> production in many useful ways.  My suggestion would be to XOR a
> hardware-generated and a software-generated random number stream.  If
> one fails, whether by accident, malice, or design, the other will
> still randomize the resulting stream.  Belt AND suspenders will keep
> your source of randomness from being your weakest link.

I think it'd sometimes be better to feed them both into a pool rather 
than xoring them, since they might go at radically different rates, and 
xor would limit you to the slower of the two. Of course, for some threat 
models that would be the right thing.



ApacheCon! 13-17 November!

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list