From owner-freebsd-security@FreeBSD.ORG Tue Sep 25 09:29:40 2012 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9A144106568F; Tue, 25 Sep 2012 09:29:40 +0000 (UTC) (envelope-from mariusz.gromada@gmail.com) Received: from mail-qa0-f54.google.com (mail-qa0-f54.google.com [209.85.216.54]) by mx1.freebsd.org (Postfix) with ESMTP id 04CFC8FC08; Tue, 25 Sep 2012 09:29:39 +0000 (UTC) Received: by qady23 with SMTP id y23so3983033qad.13 for ; Tue, 25 Sep 2012 02:29:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=YV39joB62qzF9sMnNjydJ0RkoztMAhPf2atOS2eq8yI=; b=0Ne9LjH+SFir6P7J945bOWxL6jD/HSgu5SbBUDjAaWW54BFonv/oQYHERrmRiPtvxX Ig+L8qDGQufnyP2mJU4UwxhfUF5AGYXwrQIITbExYlqX/GOPPTQlfyyQjRyz/R7D4mxi rfo8PC9BrnzyJujQguYfn5+5dC0sLIK1lTvCP1PS0w2gTHHUh1HEvsQIJ0woDT6bm1zS UPaYoLCWIzUH5uLI7BdmuX34sufH1GXxHco8z98nH2lOgL6+Y9hNt5b5ymb8/Kl8nLyE 69WwTCGrnOEmT/EeYcJAvx6FEfS/0DiTpW6gHRG2/5UG/NS34WRjAHfeAKj6ARFtYqMR QCaA== MIME-Version: 1.0 Received: by 10.224.70.138 with SMTP id d10mr38558901qaj.12.1348565379415; Tue, 25 Sep 2012 02:29:39 -0700 (PDT) Received: by 10.49.81.242 with HTTP; Tue, 25 Sep 2012 02:29:39 -0700 (PDT) In-Reply-To: References: <20120918211422.GA1400@garage.freebsd.pl> <20120919231051.4bc5335b@gumby.homeunix.com> <20120920102104.GA1397@garage.freebsd.pl> <201209200758.51924.jhb@freebsd.org> <20120922080323.GA1454@garage.freebsd.pl> <20120922195325.GH1454@garage.freebsd.pl> <505E59DC.7090505@gmail.com> <20120923151706.GN1454@garage.freebsd.pl> <5060D723.6020305@gmail.com> Date: Tue, 25 Sep 2012 11:29:39 +0200 Message-ID: From: Mariusz Gromada To: Ben Laurie X-Mailman-Approved-At: Tue, 25 Sep 2012 11:55:02 +0000 Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-security@freebsd.org, RW , Jonathan Anderson , Pawel Jakub Dawidek , John Baldwin Subject: Re: Collecting entropy from device_attach() times. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Sep 2012 09:29:40 -0000 > > > You cannot conclude that - no test can tell you it, but this test > rather obviously does not, since what it tests is the equality of > probability distributions, so what you can now say is that the > distribution is square. A completely predictable sequence, say 0..63, > would satisfy that. > > Yes, I agree. That is way I proposed to Pawel analysis from the area of stochastic processes. > Empirically, it seems to me that these numbers are actually unlikely > to be correlated with each other, but that has not been tested. > Another yes, you are right. We need much more data to check if we have a stochastic process consisted of independent random variables. > > Also untested is correlation between the numbers from different > devices on the same run - if they were strongly correlated, for > example, that would be bad. > I have proposed that also, but it requires checking different architectures. I even offered my raspberry pi :-), but unfortunately FreeBSD does not want to work on it :-( > > Not that I dislike Pawel's approach, it seems promising, I'm just > pointing out the weakness of the analysis. > Again, thanks for pointing the weakness of the analysis, you are completely right about everything. I have been thinking about all of these issues, but unfortunately forgot to write it down as a constraints of the analysis. Regards, Mariusz