From: "H. Peter Anvin" <hpa@zytor.com>
To: Peter Monta <pmonta@pmonta.com>
Cc: garzik@havoc.gtf.org, linux-kernel@vger.kernel.org
Subject: Re: Continuing /dev/random problems with 2.4
Date: Fri, 01 Feb 2002 14:54:51 -0800
Message-ID: <3C5B1CBB.6080802@zytor.com>
In-Reply-To: <20020201031744.A32127@asooo.flowerfire.com> <1012582401.813.1.camel@phantasy> <a3enf3$93p$1@cesium.transmeta.com> <20020201202334.72F921C5@www.pmonta.com> <20020201153346.B2497@havoc.gtf.org> <20020201205605.ED5111C5@www.pmonta.com>

Peter Monta wrote:

> 
> Well, yes and no.  What you really need is a conservative estimate
> of how much entropy is contained in n bits of input; a cryptographic
> hash, such as MD5, will distill out the "truly random".  The comments
> in drivers/char/random.c claim that the input hash is cryptographically
> noncritical, but to be pedantic, maybe MD5 the audio noise before
> writing to /dev/random.
> 


/dev/random rather does that itself (that's what the output hash does.)


> Assuming the sound-card output looks like reasonable noise of
> a few LSBs amplitude, a conservative estimate might be 0.1 bit
> of entropy per sample.  This is 9600 bits of entropy per second
> from a stereo card, more than enough.
> 
> A small daemon would wake up every so often, check if /dev/random
> needs topped up, read some audio samples, MD5(), write(),
> ioctl(# of claimed entropy bits).  I haven't seen the i810 RNG tools,
> but I guess they do something similar.


The point with the tests that have been mentioned is to derive such a
conservative estimate, and to raise a red flag if the output suddenly
becomes predictable.

	-hpa
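
The kind of test described in this message (derive a conservative per-sample estimate, and credit nothing when the input turns predictable), as an added sketch that is not code from the thread or from drivers/char/random.c. The two-LSB window, the run limit and all function names are assumptions; the 0.1 bit/sample cap is the figure from the quoted message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical policy values for this sketch (assumptions, not from the thread),
 * except the 0.1 bit/sample cap, which is the figure quoted in the message. */
#define MAX_RUN       32   /* red flag: the two LSBs repeat this many times in a row */
#define CAP_MILLIBITS 100  /* never claim more than 0.1 bit per sample */

/* Entropy bits to credit for n samples; 0 means "red flag, credit nothing".
 * The per-sample estimate is a lower bound on the min-entropy of the two LSBs:
 * -log2(p_max) >= (1 - p_max) / ln 2, and 1000 / ln 2 > 1442 (integer math). */
unsigned entropy_credit_bits(const int16_t *s, size_t n)
{
    size_t hist[4] = {0}, run = 0, max = 0;
    if (n == 0) return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned lsb = (unsigned)s[i] & 3u;
        run = (i > 0 && lsb == ((unsigned)s[i - 1] & 3u)) ? run + 1 : 1;
        if (run >= MAX_RUN) return 0;              /* stuck or muted input */
        if (++hist[lsb] > max) max = hist[lsb];    /* track most common value */
    }
    uint64_t est = (uint64_t)(n - max) * 1442 / n; /* millibits per sample */
    if (est > CAP_MILLIBITS) est = CAP_MILLIBITS;
    return (unsigned)(est * n / 1000);
}

/* Constructed input, not captured audio: 1000 xorshift32 "noise" samples with
 * all but every period-th sample forced to silence; returns the credit. */
unsigned credit_for_constructed(size_t period)
{
    int16_t buf[1000];
    uint32_t x = 2463534242u;
    for (size_t i = 0; i < 1000; i++) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        /* bit 0 forced on in live samples so the silent count is exact */
        buf[i] = (i % period == 0) ? (int16_t)((x & 0x7fffu) | 1u) : 0;
    }
    return entropy_credit_bits(buf, 1000);
}

int main(void)
{
    size_t periods[] = {1, 20, 1000};   /* healthy, mostly silent, stuck */
    for (int k = 0; k < 3; k++)
        printf("period %zu: credit %u bits\n", periods[k], credit_for_constructed(periods[k]));
    return 0;
}
```

The returned count is the value a feeder daemon would pass as its claimed entropy when handing the samples to /dev/random; a result of 0 means the batch earns no credit.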
