RECENT POSTS
- Introduction to FreeBSD Security Best Practices
- Working with Package Management in FreeBSD
- Understanding FreeBSD Security Advisories and Updates
- Troubleshooting Common System Administration Issues in FreeBSD
- Tips for Hardening FreeBSD to achieve System Protection
- Setting Up DHCP Server in FreeBSD
- Secure User and Group Management in FreeBSD Systems
- Secure Remote Access with SSH in FreeBSD
- Optimizing System Performance in FreeBSD
- Network Packet Capture with tcpdump in FreeBSD
- All posts ...
Do you have GDPR compliance issues ?
Check out Legiscope a GDPR compliance software, that will save you weeks of work, automating your documentation, the training of your teams and all processes you need to keep your organisation compliant with privacy regulations
P5-data-entropy
Jul 20, 2023
Entropy (randomness) management
This module maintains a concept of a current selection of entropy source. Algorithms that require entropy can use the source nominated by this module, avoiding the need for entropy source objects to be explicitly passed around. This is convenient because usually one entropy source will be used for an entire program run and so an explicit entropy source parameter would rarely vary. There is also a default entropy source, avoiding the need to explicitly configure a source at all.
If nothing is done to set a source then it defaults to the use of Rijndael AES in counter mode see DataEntropyRawSourceCryptCounter and CryptRijndael, keyed using Perl’s built-in rand function. This gives a data stream that looks like concentrated entropy, but really only has at most the entropy of the rand seed. Within a single run it is cryptographically difficult to detect the correlation between parts of the pseudo-entropy stream. If more true entropy is required then it is necessary to configure a different entropy source.
Checkout these related ports:
- Zzuf - Transparent application input fuzzer
- Zlint - X.509 certificate linter
- Zeronet - Decentralized websites using Bitcoin crypto and BitTorrent network
- Zenmap - GUI frontend for the Nmap scanning utility
- Zeek - System for detecting network intruders in real-time
- Zaproxy - The OWASP zed attack proxy
- Yubioath-desktop - GUI for displaying OATH codes with a Yubikey
- Yubikey-personalization-gui - Graphical YubiKey personalization tool
- Yubikey-manager-qt - Cross-platform application for configuring any YubiKey
- Yubikey-agent - Seamless ssh-agent for YubiKeys
- Yubico-piv-tool - Yubico PIV tool
- Ylva - Command line password manager and file encryption program
- Ykpers - Library and tool for personalization of Yubico's YubiKey
- Ykclient - Yubico C client library
- Yersinia - Layer 2 vulnerability scanner (switches, spanning tree, 802.1q ...)