Date: Mon, 12 Mar 2001 14:16:33 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: Mark Murray <mark@grondar.za> Cc: current@FreeBSD.ORG Subject: Re: Ethernet entropy harvesting seriously pessimizes performance Message-ID: <200103122216.f2CMGXR75489@earth.backplane.com> References: <200103122103.f2CL3YZ74166@earth.backplane.com> <200103122144.f2CLi3f92042@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
:> down and will work, SNAP, just like that? : :Because I need to make folks other than you happy. : :Lots of security minded people what _all_ the interrupt entropy :they can get, and this method gives them that while allowing others :to throttle the harvester back. : :M :-- :Mark Murray :Warning: this .sig is umop ap!sdn And if I were paranoid I could setup an interrupt a thousand times a second to scan all of physical memory and harvest the randomness from that. I am a security minded person... and I am also pragmatic. There's such a thing as overkill and your random number generator is doing it in spades. It is entirely unnecessary. Maybe rather then throw in the overkill you should actually *test* the random number generator to see where the randomness starts to break down when lowering the harvest rate. Thousands of harvests a second is just plain insane, no matter how security minded your 'lots of security minded people' are. Just ten a second should be plenty good enough, frankly, even for a paranoid security minded guy, especially considering the amount of memory the random number generator is using for state. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103122216.f2CMGXR75489>