Date: Mon, 20 Aug 2012 23:05:39 +0100
From: Ben Laurie <ben@links.org>
To: Steve Kargl <sgk@troutmask.apl.washington.edu>
Cc: freebsd-arch@freebsd.org
Subject: Re: /dev/random
Message-ID: <CAG5KPzwBzWvDFDZqzT4masbknKfVe-rvdTd1h6ZxEoG90Rcxqg@mail.gmail.com>
In-Reply-To: <20120820220243.GA96700@troutmask.apl.washington.edu>
References: <CAG5KPzz4GQ2C_ky_qrDroQ4srGL4daW0OO-F3eOvvL-9AO6zoQ@mail.gmail.com> <20120820220243.GA96700@troutmask.apl.washington.edu>

On Mon, Aug 20, 2012 at 11:02 PM, Steve Kargl
<sgk@troutmask.apl.washington.edu> wrote:
> On Mon, Aug 20, 2012 at 07:49:16PM +0100, Ben Laurie wrote:
>> Apparently /dev/random uses h/w PRNGs if available, discarding all
>> other sources of randomness.
>>
>> This seems like a mistake to me - we should fix it.
>>
>> Also, it seems that entropy is available in detailed interrupt timing
>> (see http://www.issihosts.com/haveged/) which might be useful on
>> entropy-starved systems - I suspect we are not exploiting this source,
>> and in light of recent developments, we probably should be,
>>
>> Comments?
>
> Well, it's hard to comment when you failed to explain
> *why* you think it is a mistake.

Sorry - because I do not think it is wise to trust the h/w prng so
much we discard other entropy.

> In addition, I'm having
> a hard time parsing your 1st sentence, which appears to
> be related to this sentence:
>
> The device will probe for certain hardware entropy sources,
> and use these in preference to the fallback, which is a
> generator implemented in software.
>
> from 'man 4 random'. Your 'all other sources of randomness'
> would then need to be amended to 'all other sources of entropy'.
> But, then 'all other sources' does not make sense, because only
> the 'generator implemented in software' is discarded.

That is everything except the hardware, right? So ... all other sources.

> It is also unclear why a linux-only project for gathering entropy
> is relevant here given that FreeBSD already has the ability to
> use both hardware and software interrupts as sources of entropy.

It is relevant because it seems there is entropy available in
fine-grained timing.