Date: Thu, 20 Sep 2012 11:03:55 +0100 From: Jonathan Anderson <jonathan@FreeBSD.org> To: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> Cc: freebsd-security@FreeBSD.org, RW <rwmaillists@googlemail.com>, Mariusz Gromada <mariusz.gromada@gmail.com>, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: Collecting entropy from device_attach() times. Message-ID: <B2DE8ED23E0B43DFBE4A19603914B53D@FreeBSD.org> In-Reply-To: <86ipb9t5hj.fsf@ds4.des.no> References: <20120918211422.GA1400@garage.freebsd.pl> <A8FD98DD94774D00B4E5F78D3174C1B4@gmail.com> <20120919192923.GA1416@garage.freebsd.pl> <20120919205331.GE1416@garage.freebsd.pl> <20120919231051.4bc5335b@gumby.homeunix.com> <86ipb9t5hj.fsf@ds4.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday, 20 September 2012 at 10:20, Dag-Erling Smørgrav wrote: > Please understand that the timers used here have a resolution of around > 1e-8 to 1e-10 seconds. You may be able to predict the first six digits > with reasonable accuracy - in fact, the first four or five will almost > always be 0, except for devices with moving parts - but anything beyond > that is a crapshoot, even in a virtual machine. And this conclusion seems to be borne out by Pawel's data, at least on one machine on one architecture. RW's point is still valid, though: if we're going to start asserting that "we have gathered entropy from source X", we owe it to the consumers of that entropy to really check that we've done what we claim. For instance: on an embedded board with few devices, that uses FDT rather than bus enumeration whatsits, perhaps the time is more deterministic and therefore yields less entropy. I don't know, maybe it doesn't, but we must have data. Jon -- Jonathan Anderson jonathan@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B2DE8ED23E0B43DFBE4A19603914B53D>