From: Oliver Xymoron <oxymoron@waste.org>
To: Marco Colombo <marco@esi.it>
Cc: Andreas Dilger <adilger@clusterfs.com>, linux-kernel@vger.kernel.org
Subject: Re: Problem with random.c and PPC
Date: Mon, 19 Aug 2002 09:02:07 -0500 [thread overview]
Message-ID: <20020819140207.GC14427@waste.org> (raw)
In-Reply-To: <Pine.LNX.4.44.0208191034390.26653-100000@Megathlon.ESI>
On Mon, Aug 19, 2002 at 11:29:00AM +0200, Marco Colombo wrote:
> On Sat, 17 Aug 2002, Oliver Xymoron wrote:
>
> > > If you are in there fixing things, it might make sense to have
> > > /dev/urandom extract entropy from the random pool far less often than
> > > /dev/random. This way people who use /dev/urandom for a source of
> > > less-strong randomness (e.g. TCP sequence numbers or whatever), will
> > > not be shooting themselves in the foot for when they need a 2048-byte
> > > PGP key, if they are low on entropy sources.
> >
> > Not sure this is an ideal fix. We might instead have an entropy
> > low-water mark (say 1/2 pool size), below which /dev/urandom will not
> > deplete the pool. This way when we have ample entropy, both devices
> > will behave like TRNGs, with /dev/urandom falling back to PRNG when a
> > shortage is threatened.
>
> How can you make /dev/urandom return something without leaking
> information about the internal pool state to the observer?
> Do you plan to switch to a completely different source and reseed the
> PRNG with data not taken from the pool?
I plan to make a third pool, reseeding from the first. The code
appears to actually be structured with that in mind, it just hasn't
been done.
> In my experience, there's little you can do when the entropy demand is
> higher than the rate at which the kernel collects it. Either we implement
> /dev/random quotas, or it will be always easy to drain the internal pool
> from userspace.
Root can decide, for instance, to make /dev/random privileged to some
group if important_set is getting starved by unimportant_set.
> I'd say that /dev/urandom interface is somewhat broken: the application
> either can live with an almost pure PRNG (and use an userspace
> implementation) or needs true, pure and strong randomness. The programmer
> should know the mimimal need for true randomness of the application.
> For every application that uses /dev/urandom, it's 0 by definition of
> /dev/urandom, and the application should just use an userspace PRNG.
Many actually do this. I believe OpenSSL merely seeds though I'd have
to doublecheck.
> If you need a weak solution (a perturbated PRNG), just read a few bits
> from /dev/random at times (but in a controlled and defined way).
It might be helpful to think of /dev/urandom as akin to /dev/random with
O_NONBLOCK. "Give me stronger bits if you got 'em" is desirable,
otherwise this thread would be much shorter.
--
"Love the dolphins," she advised him. "Write by W.A.S.T.E.."
next prev parent reply other threads:[~2002-08-19 13:58 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-08-16 10:00 Problem with random.c and PPC Jon Burgess
2002-08-16 19:52 ` Oliver Xymoron
2002-08-16 17:51 ` henrique
2002-08-16 21:21 ` Ruth Ivimey-Cook
2002-08-17 0:47 ` Oliver Xymoron
2002-08-17 0:45 ` Oliver Xymoron
2002-08-17 6:05 ` Andreas Dilger
2002-08-17 7:23 ` Oliver Xymoron
2002-08-17 9:09 ` Andreas Dilger
2002-08-17 16:56 ` Oliver Xymoron
2002-08-19 9:29 ` Marco Colombo
2002-08-19 14:02 ` Oliver Xymoron [this message]
2002-08-19 15:11 ` Marco Colombo
2002-08-19 15:29 ` Oliver Xymoron
2002-08-19 16:20 ` Marco Colombo
2002-08-19 16:33 ` Oliver Xymoron
2002-08-19 20:23 ` Marco Colombo
2002-08-22 3:16 ` David Wagner
2002-08-16 20:52 ` Chris Friesen
2002-08-17 0:29 ` Oliver Xymoron
2002-08-22 3:19 ` David Wagner
2002-08-22 15:40 ` Chris Friesen
2002-08-22 17:25 ` Remco Post
-- strict thread matches above, loose matches on Subject: below --
2002-08-15 16:10 henrique
2002-08-15 15:14 henrique
2002-08-15 18:25 ` Andreas Dilger
2002-08-15 19:03 ` Tom Rini
2002-08-15 19:59 ` Andreas Dilger
2002-08-15 21:04 ` Tom Rini
2002-08-16 1:50 ` H. Peter Anvin
2002-08-16 16:33 ` Oliver Xymoron
2002-08-16 16:28 ` Oliver Xymoron
[not found] ` <20020816170126.GD26993@opus.bloom.county>
2002-08-16 17:15 ` Oliver Xymoron
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20020819140207.GC14427@waste.org \
--to=oxymoron@waste.org \
--cc=adilger@clusterfs.com \
--cc=linux-kernel@vger.kernel.org \
--cc=marco@esi.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.