Date: Thu, 20 Sep 2012 11:03:55 +0100
From: Jonathan Anderson <jonathan@FreeBSD.org>
To: Dag-Erling Smørgrav <des@des.no>
Cc: freebsd-security@FreeBSD.org, RW <rwmaillists@googlemail.com>, Mariusz Gromada <mariusz.gromada@gmail.com>, Pawel Jakub Dawidek <pjd@FreeBSD.org>
Subject: Re: Collecting entropy from device_attach() times.
Message-ID: <B2DE8ED23E0B43DFBE4A19603914B53D@FreeBSD.org>
In-Reply-To: <86ipb9t5hj.fsf@ds4.des.no>
References: <20120918211422.GA1400@garage.freebsd.pl> <A8FD98DD94774D00B4E5F78D3174C1B4@gmail.com> <20120919192923.GA1416@garage.freebsd.pl> <20120919205331.GE1416@garage.freebsd.pl> <20120919231051.4bc5335b@gumby.homeunix.com> <86ipb9t5hj.fsf@ds4.des.no>
On Thursday, 20 September 2012 at 10:20, Dag-Erling Smørgrav wrote:
> Please understand that the timers used here have a resolution of around
> 1e-8 to 1e-10 seconds. You may be able to predict the first six digits
> with reasonable accuracy - in fact, the first four or five will almost
> always be 0, except for devices with moving parts - but anything beyond
> that is a crapshoot, even in a virtual machine.

And this conclusion seems to be borne out by Pawel's data, at least on one machine on one architecture. RW's point is still valid, though: if we're going to start asserting that "we have gathered entropy from source X", we owe it to the consumers of that entropy to really check that we've done what we claim.

For instance: on an embedded board with few devices, that uses FDT rather than bus enumeration whatsits, perhaps the time is more deterministic and therefore yields less entropy. I don't know, maybe it doesn't, but we must have data.

Jon
--
Jonathan Anderson
jonathan@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B2DE8ED23E0B43DFBE4A19603914B53D>