Re: New entropy source proposal.

From: Mark Murray (markm_at_FreeBSD.ORG)
Date: 03/07/05

  • Next message: Poul-Henning Kamp: "Re: New entropy source proposal." 
    To: Pawel Jakub Dawidek <pjd@FreeBSD.ORG>
Date: Mon, 07 Mar 2005 16:09:48 +0000

    Pawel Jakub Dawidek writes:
    > The program is very simple, it should be run with two arguments:
    >
    > % sndtest /dev/dspW 1048576 > rand.data
    >
    > This command will generate 1MB of random data.

    Er, not very random.

    > With my sound card:
    >
    > pcm0: <Intel ICH3 (82801CA)> port 0xe100-0xe13f,0xe000-0xe0ff irq 11 at dev=
    > ice 31.5 on pci0
    > pcm0: [GIANT-LOCKED]
    > pcm0: <Cirrus Logic CS4299 AC97 Codec>

    Did you have a noise source connected? I generated 1MB of data and it was not
    very random at all. "hexdump -C data" showed the data was very poor indeed.

    > It produce very good entropy. I tried those tests to prove its quality:
    > - FIPS 140-2 tests
    > - 'ent' tests: http://www.fourmilab.ch/random/
    > - Famous 'diehard' tests
    >
    > The full output from diehard tests is here:
    >
    > http://people.freebsd.org/~pjd/misc/sndrand_diehard.txt
    >
    > The idea of using sound card as entropy source was taken from RFC 1750.

    That RFC mentions connecting the sound card to a noise source.

    > If people like the idea and someone more skilled than me in this subject
    > can review this stuff, we can start to put it into kernel
    > "random infrastructure". It could also be implemented as userland daemon
    > which writes collected entropy to /dev/random maybe...

    I like the idea, but we need a bit more hardware assistance, I think.

    M 

    --
Mark Murray
iumop ap!sdn w,I idlaH
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Poul-Henning Kamp: "Re: New entropy source proposal."