Re: New entropy source proposal.

From: Poul-Henning Kamp (phk_at_phk.freebsd.dk)
Date: 03/07/05

  • Next message: Mark Murray: "Re: New entropy source proposal." 
    To: Mark Murray <markm@freebsd.org>
Date: Mon, 07 Mar 2005 20:33:15 +0100

    In message <200503071609.j27G9mR1032489@grovel.grondar.org>, Mark Murray writes
    :

    >Did you have a noise source connected? I generated 1MB of data and it was not
    >very random at all. "hexdump -C data" showed the data was very poor indeed.

    There will be a big difference between the microphone and line inputs
    in this respect.

    I'm quite reserved about this because of the hardware situation around
    soundcards (almost, but not quite entirely unlike each other), and
    the fact that a connected source may trick is into beliving we have
    random data when in fact we have not at all random data.

    A lot of caution is necessary.

    That said, a userland program which havests entropy from the soundcard
    and sticks it into the kernel may not be a bad idea, but we need
    to kill the notion "if it sounds like noise it is probably random"
    effectively in the documentation. (If you doubt me, listen to a
    14.4 or faster modem). 

    -- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
  • Next message: Mark Murray: "Re: New entropy source proposal."