Re: New entropy source proposal.
From: Mark Murray (markm_at_FreeBSD.ORG)
To: Pawel Jakub Dawidek <pjd@FreeBSD.ORG> Date: Mon, 07 Mar 2005 16:09:48 +0000
Pawel Jakub Dawidek writes:
> The program is very simple, it should be run with two arguments:
> % sndtest /dev/dspW 1048576 > rand.data
> This command will generate 1MB of random data.
Er, not very random.
> With my sound card:
> pcm0: <Intel ICH3 (82801CA)> port 0xe100-0xe13f,0xe000-0xe0ff irq 11 at dev=
> ice 31.5 on pci0
> pcm0: [GIANT-LOCKED]
> pcm0: <Cirrus Logic CS4299 AC97 Codec>
Did you have a noise source connected? I generated 1MB of data and it was not
very random at all. "hexdump -C data" showed the data was very poor indeed.
> It produce very good entropy. I tried those tests to prove its quality:
> - FIPS 140-2 tests
> - 'ent' tests: http://www.fourmilab.ch/random/
> - Famous 'diehard' tests
> The full output from diehard tests is here:
> The idea of using sound card as entropy source was taken from RFC 1750.
That RFC mentions connecting the sound card to a noise source.
> If people like the idea and someone more skilled than me in this subject
> can review this stuff, we can start to put it into kernel
> "random infrastructure". It could also be implemented as userland daemon
> which writes collected entropy to /dev/random maybe...
I like the idea, but we need a bit more hardware assistance, I think.
-- Mark Murray iumop ap!sdn w,I idlaH _______________________________________________ firstname.lastname@example.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "email@example.com"