Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 04 Sep 2000 13:44:28 +0100
From:      Adam Laurie <adam@algroup.co.uk>
To:        Kris Kennaway <kris@FreeBSD.org>
Cc:        James Wyatt <jwyatt@rwsystems.net>, Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, Adam Back <adam@cypherspace.org>, security@FreeBSD.org
Subject:   Re: yarrow & /dev/random
Message-ID:  <39B3992B.7B823DEE@algroup.co.uk>
References:  <Pine.BSF.4.21.0008270011040.64244-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Kris Kennaway wrote:
> 
> On Sun, 27 Aug 2000, James Wyatt wrote:
> 
> > On servers with no regular keyboard or mouse use, there is usually enough
> > entropy in the disk and network IO to serve the purpose. Small servers
> > with low net and disk entropy often get used as consoles for busier
> > servers. Your mileage may vary, of course. What other sources of entropy
> > might one consider? Maybe an AM radio tuned to static hooked into
> > /dev/audio to get random samples? - Jy@
> 
> My observations suggest that a sound card tuned to maximum input gain with
> no microphone input (i.e. sampling noise in the card) is a very good
> source of randomness, with at least 6 bits of entropy per 16 bit sample
> for most cards, which can be sampled at 44Khz (i.e. about 32 kilobytes of
> randomness per second, far in excess of what Yarrow needs).
> 
> More than enough for even heavy server needs.

This is only safe to do if you can guarantee that your sound card is
protected from outside influence - e.g. radio transmissions putting
known noise into your data. TEMPEST shielding would be a good start.

cheers,
Adam
--
Adam Laurie                   Tel: +44 (20) 8742 0755
A.L. Digital Ltd.             Fax: +44 (20) 8742 5995
Voysey House                  http://www.thebunker.net
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adam@algroup.co.uk
UNITED KINGDOM                PGP key on keyservers


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?39B3992B.7B823DEE>