Date: Mon, 20 Aug 2012 15:02:43 -0700 From: Steve Kargl <sgk@troutmask.apl.washington.edu> To: Ben Laurie <ben@links.org> Cc: freebsd-arch@freebsd.org Subject: Re: /dev/random Message-ID: <20120820220243.GA96700@troutmask.apl.washington.edu> In-Reply-To: <CAG5KPzz4GQ2C_ky_qrDroQ4srGL4daW0OO-F3eOvvL-9AO6zoQ@mail.gmail.com> References: <CAG5KPzz4GQ2C_ky_qrDroQ4srGL4daW0OO-F3eOvvL-9AO6zoQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Aug 20, 2012 at 07:49:16PM +0100, Ben Laurie wrote: > Apparently /dev/random uses h/w PRNGs if available, discarding all > other sources of randomness. > > This seems like a mistake to me - we should fix it. > > Also, it seems that entropy is available in detailed interrupt timing > (see http://www.issihosts.com/haveged/) which might be useful on > entropy-starved systems - I suspect we are not exploiting this source, > and in light of recent developments, we probably should be, > > Comments? Well, it's hard to comment when you failed to explain *why* you think it is a mistake. In addition, I'm having a hard time parsing your 1st sentence, which appears to be related to this sentence: The device will probe for certain hardware entropy sources, and use these in preference to the fallback, which is a generator implemented in software. from 'man 4 random'. Your 'all other sources of randomness' would then need to be amended to 'all other sources of entropy'. But, then 'all other sources' does not make sense, because only the 'generator implemented in software' is discarded. It is also unclear why a linux-only project for gathering entropy is relevant here given that FreeBSD already has the ability to use both hardware and software interrupts as sources of entropy. -- Steve
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120820220243.GA96700>