From owner-freebsd-hackers  Tue Mar  5 15:45:40 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170])
	by hub.freebsd.org (Postfix) with ESMTP id ED93C37B402
	for <freebsd-hackers@FreeBSD.ORG>; Tue,  5 Mar 2002 15:45:32 -0800 (PST)
Received: (from uucp@localhost)
	by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g25NjN776482;
	Tue, 5 Mar 2002 23:45:23 GMT
	(envelope-from mark@grimreaper.grondar.za)
Received: from grimreaper (localhost [127.0.0.1])
	by grimreaper.grondar.org (8.12.2/8.12.2) with ESMTP id g25NgTRV079032;
	Tue, 5 Mar 2002 23:42:29 GMT
	(envelope-from mark@grimreaper.grondar.za)
Message-Id: <200203052342.g25NgTRV079032@grimreaper.grondar.org>
To: Adrian Filipi-Martin <adrian@ubergeeks.com>
Cc: FreeBSD Hackers List <freebsd-hackers@FreeBSD.ORG>,
	kaj@ubergeeks.com
Subject: Re: Intel 820 RNG 
References: <20020305135912.C52330-100000@lorax.ubergeeks.com> 
In-Reply-To: <20020305135912.C52330-100000@lorax.ubergeeks.com> ; from Adrian Filipi-Martin <adrian@ubergeeks.com>  "Tue, 05 Mar 2002 14:38:11 EST."
Date: Tue, 05 Mar 2002 23:42:29 +0000
From: Mark Murray <mark@grondar.za>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG

> 	We did make some enhancements that serve our needs, but may not be
> best for everyone.  We actually need entropy in quantity since we could be
> doing a lot of crypto operations back to back and it can easily become our
> worst bottleneck.

Have you looked at the "Yarrow" algorithm?

> 	To this end, we have an entropy buffer in kernel memory that pulls
> large blocks of entropy from the RNG if it's going to read from it at all.
> The device puts out several orders of magnitude more entropy than the
> original drivers captured, and we needed as much as we could grab.
> Ideally we would not mix the entropy into the entropy pool and just use the
> high quality entropy from the buffer, but we decided to minimize divergence
> from the original sources and not switch to 100% hardware entropy.

In CURRENT, I have implemented Yarrow to achieve just this purpose.

> 	The drawback to our approach is that it can spend a lot of time in
> the kernel.  To tune this behavior we added a few sysctl's.  The start/stop
> script after the diff's tweaks a few of these settings after boot up.

Again, look at current. The RNG is _really_ fast.

> 	I cc'd Kaj Groner, who actually did the work for us.  He's not on
> this list, so don't drop his address.  I was more involved at the higher
> levels of what we needed to get done when we rebased our appliance from
> OpenBSD to FreeBSD last Summer.

:-) You may be pleasantly surprised :-)

M

(Thanks for the sources!)
-- 
o       Mark Murray
\_
O.\_    Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message