Date: Tue, 25 Sep 2012 07:32:47 +0200 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Mariusz Gromada <mariusz.gromada@gmail.com> Cc: Ben Laurie <benl@freebsd.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, Jonathan Anderson <jonathan.anderson@cl.cam.ac.uk>, John Baldwin <jhb@freebsd.org> Subject: Re: Collecting entropy from device_attach() times. Message-ID: <20120925053246.GI1413@garage.freebsd.pl> In-Reply-To: <5060DA45.30808@gmail.com> References: <20120918211422.GA1400@garage.freebsd.pl> <20120919231051.4bc5335b@gumby.homeunix.com> <20120920102104.GA1397@garage.freebsd.pl> <201209200758.51924.jhb@freebsd.org> <20120922080323.GA1454@garage.freebsd.pl> <20120922195325.GH1454@garage.freebsd.pl> <505E59DC.7090505@gmail.com> <20120923151706.GN1454@garage.freebsd.pl> <5060D723.6020305@gmail.com> <5060DA45.30808@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--k9xkV0rc9XGsukaG Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Sep 25, 2012 at 12:10:13AM +0200, Mariusz Gromada wrote: > W dniu 2012-09-24 23:56, Mariusz Gromada pisze: >=20 > > Ok, finally I have some formal results. To be completely honest I need > > to point out that, in fact, we have a discrete data (for example > > integers 0, 1, ..., 63, but not continues numbers spread across 0 and > > 63). That is way I am going to use two sample Kolmogorov-Smirnov test. >=20 > Another clarification is needed. KS test in general (and in theory)=20 > should be used for continuous distributions. But in our case we can=20 > easily say that we observe our distribution in integers only (rounding),= =20 > and the whole rest is easily estimated. Thanks a lot! To the list: phk@ asked me privately to check if there is no correclation between consecutive device_attach() calls during single boot. For example each device_attach() separately can yield great entropy in every tests, but all those calls combined might be somehow related, ie. during one boot all calls take a bit longer and in another boot all calls take a bit less, which could decrease total entropy we should estimate out of it. I created dummy driver which was registering three dummy drivers, so it was provoking three device_attach() calls on every kldload. Mariusz verified the observations and there was no correlation between the times. I believe everyone is bored at this point, so I'd like to propose a way forward: I'll perform one more test with CPU clock speed reduced as much as it can be and see if rejecting 7 top bits is still fine. If it is, I'd like to commit my patch. I was wondering if I should hide it under #ifdef __amd64__, but the only risk in having it on all platforms is eventually being overestimating available entropy, which is bad, but I think better than not providing any entropy this method. On the other hand having it on one or two platforms only would maybe motivate people to verify it on other platforms. --=20 Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://tupytaj.pl --k9xkV0rc9XGsukaG Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlBhQf0ACgkQForvXbEpPzR2OQCdGcwWJYiJluJQud/xlPF7ORPB 0QYAnR0UlSg1qzTnPCVsXTXdu8Eaqw1P =Ymdr -----END PGP SIGNATURE----- --k9xkV0rc9XGsukaG--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120925053246.GI1413>