Date: Tue, 25 Sep 2012 10:05:01 +0100 From: Ben Laurie <benl@freebsd.org> To: Pawel Jakub Dawidek <pjd@freebsd.org> Cc: freebsd-security@freebsd.org, RW <rwmaillists@googlemail.com>, Jonathan Anderson <jonathan.anderson@cl.cam.ac.uk>, Mariusz Gromada <mariusz.gromada@gmail.com>, John Baldwin <jhb@freebsd.org> Subject: Re: Collecting entropy from device_attach() times. Message-ID: <CAG5KPzz3ehKm%2BBN_0MCYfcRFkYxKzFLSTTFEpsJg3kK0BTvChQ@mail.gmail.com> In-Reply-To: <20120925053246.GI1413@garage.freebsd.pl> References: <20120918211422.GA1400@garage.freebsd.pl> <20120919231051.4bc5335b@gumby.homeunix.com> <20120920102104.GA1397@garage.freebsd.pl> <201209200758.51924.jhb@freebsd.org> <20120922080323.GA1454@garage.freebsd.pl> <20120922195325.GH1454@garage.freebsd.pl> <505E59DC.7090505@gmail.com> <20120923151706.GN1454@garage.freebsd.pl> <5060D723.6020305@gmail.com> <5060DA45.30808@gmail.com> <20120925053246.GI1413@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 25, 2012 at 6:32 AM, Pawel Jakub Dawidek <pjd@freebsd.org> wrote: > On Tue, Sep 25, 2012 at 12:10:13AM +0200, Mariusz Gromada wrote: >> W dniu 2012-09-24 23:56, Mariusz Gromada pisze: >> >> > Ok, finally I have some formal results. To be completely honest I need >> > to point out that, in fact, we have a discrete data (for example >> > integers 0, 1, ..., 63, but not continues numbers spread across 0 and >> > 63). That is way I am going to use two sample Kolmogorov-Smirnov test. >> >> Another clarification is needed. KS test in general (and in theory) >> should be used for continuous distributions. But in our case we can >> easily say that we observe our distribution in integers only (rounding), >> and the whole rest is easily estimated. > > Thanks a lot! > > To the list: > > phk@ asked me privately to check if there is no correclation between > consecutive device_attach() calls during single boot. > > For example each device_attach() separately can yield great entropy in > every tests, but all those calls combined might be somehow related, ie. > during one boot all calls take a bit longer and in another boot all > calls take a bit less, which could decrease total entropy we should > estimate out of it. > > I created dummy driver which was registering three dummy drivers, so it > was provoking three device_attach() calls on every kldload. Mariusz > verified the observations and there was no correlation between the > times. Sorry to those that are bored, but ... what was the methodology? > I believe everyone is bored at this point, so I'd like to propose a way > forward: > > I'll perform one more test with CPU clock speed reduced as much as it > can be and see if rejecting 7 top bits is still fine. If it is, I'd like > to commit my patch. I was wondering if I should hide it under > #ifdef __amd64__, but the only risk in having it on all platforms is > eventually being overestimating available entropy, which is bad, but I > think better than not providing any entropy this method. On the other > hand having it on one or two platforms only would maybe motivate people > to verify it on other platforms. > > -- > Pawel Jakub Dawidek http://www.wheelsystems.com > FreeBSD committer http://www.FreeBSD.org > Am I Evil? Yes, I Am! http://tupytaj.pl
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAG5KPzz3ehKm%2BBN_0MCYfcRFkYxKzFLSTTFEpsJg3kK0BTvChQ>