Date: Fri, 14 Sep 2012 13:38:06 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: David O'Brien <obrien@FreeBSD.org> Cc: Arthur Mesh <arthurmesh@gmail.com>, Ian Lepore <freebsd@damnhippie.dyndns.org>, Doug Barton <dougb@FreeBSD.org>, freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, Mark Murray <markm@FreeBSD.org> Subject: Re: svn commit: r239569 - head/etc/rc.d Message-ID: <alpine.BSF.2.00.1209141336170.13080@ai.fobar.qr> In-Reply-To: <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr> References: <50453686.9090100@FreeBSD.org> <20120911082309.GD72584@dragon.NUXI.org> <504F0687.7020309@FreeBSD.org> <201209121628.18088.jhb@freebsd.org> <5050F477.8060409@FreeBSD.org> <20120912213141.GI14077@x96.org> <20120913052431.GA15052@dragon.NUXI.org> <alpine.BSF.2.00.1209131258210.13080@ai.fobar.qr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 13 Sep 2012, Bjoern A. Zeeb wrote:
Hi,
I have removed freebsd-rc for this part of the discussion as it's
unrelated.
Ok, this is an aweful lot of individual parts and my feeling is that
we want to go through them very focused. Some of them have been
discussed enough already with good solutions but then found to depend
on other things later. Some questions are clearly for "future
research and not to be answered any time soon".
The one I'd like to start with is the Problem of "over-seeding", as in
that we are currently dropping possible entropy. The reason to start
with that is: what and how we'll feed things in will depend on how we
solve this problem.
So far (wherever) I have heard multiple solutions and added some
(unreasonable ones?) upfront to tick them off. I left my personal
comments already. A simple "no" or "usable" can help; deleting all
unreasonable options and "ACK" on OK ones can help. If i am entirely
wrong, let me know in private.
1) continue to over-[fs]eed as we always did
(seems out of question, no improvement)
2) compress (as in gzip) the input of better_than_nothing
(multiple people objected, no literature, questionable outcome,
speed, still not great control over how much data we seed)
3) hash (arch dependent?) the entire input of better_than_nothing
in the shell script
(at least a good idea on how much data we seed)
4) hash (arch dependent?) individual parts of better_than_nothing
in the shell script
(seed more and still know how much data we'd seed)
5) send all data to the kernel but XORing the data together on overflow
in the kernel
(can control when buffer full and only then take action when
needed, indepedent on how seed data is chosen, withdrawn)
6) send all data to the kernel but XORing the data + counter value
together on overflow in the kernel
(can control when buffer full and only then take action when
needed, indepedent on how seed data is chosen, but why XOR?)
7) send all data to the kernel and hash (arch dependent?) it + counter value
into the buffer on overflow, as in b[n] = H(b[n] + c + i[n]) in the kernel
(can control when buffer full and only then take action when
needed, indepedent on how seed data is chosen, uses standard
technology)
8) ?
Things to consider: overall time this takes?
Things to consider: how often this needs to be done?
Things to consider: how to consume the most entropy?
Things to consider: can it be done arch specific if needed?
Things to consider: would there be a challenging problem implementing this?
...
Things I really love not to hear in this step:
- discussions on how much seed data/entropy we send
- discussions on which seed data/entropy we send
- discussions on the order of seed data/entropy we send
- ...
Thanks,
/bz
--
Bjoern A. Zeeb You have to have visions!
Stop bit received. Insert coin for new address family.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1209141336170.13080>