Yarrow

see also: Etymology of Yarrow

Yarrow is a cryptographic generator of pseudo-random numbers invented by Bruce Schneier, John Kelsey and Niels Ferguson.

The algorithm is voluntarily free of any patent or commercial constraint. No license is necessary to employ it. Yarrow is included within Mac OS X in its /dev/random. However, its use is not recommended any more and it was replaced by its successor, Fortuna also invented by Schneier and Ferguson. Some of the principles present in Yarrow are included in Fortuna. However, its resistance is less compared to this last which offers a greater flexibility and which appears surer cryptographiquement from the use of SHA-256 instead of SHA-1.

Operation

Yarrow has two groups of 160 bits (for Yarrow-160) which collect Entropie starting from various sources with the randomness. In Yarrow, a group is known as " rapide" and the other is known as " lent". Data coming from the entropy " lente" surer but are less often used. In alternation with the " group; rapide" , these results are then chopped by SHA-1 to be used as seed . The " qualité" contents of the groups are evaluated with an estimator of entropy. This one makes it possible to say if it would be easy for an attacker to guess the contents of the groups. Once these validated data, they are chopped with SHA-1 and are used as key for a symmetrical encryption algorithm of type 3DES. This one quantifies a simple meter, which returns the architecture of the rather simple algorithm and easily implémentable. With final, one obtains a pseudo-random data flow cryptographiquement but sure since even with an immense computing power, it is impossible to make the difference between a continuation coming from Yarrow or a perfectly random continuation.

External bonds

official Page of Yarrow

Random links: