From: Sandy Harris <sandy@storm.ca>
To: linux-kernel@vger.kernel.org
Subject: Re: [RFC] frandom - fast random generator module
Date: Thu, 23 Oct 2003 11:22:53 +0800 [thread overview]
Message-ID: <3F97498D.9050704@storm.ca> (raw)
In-Reply-To: <20031022122251.A3921@borg.org>
Kent Borg wrote:
> I regularly use:
>
> $ head -c 4 /dev/random | ./mnencode
>
> ... I pipe 4 (rarely more) bytes into mnencode, ...
> ... So I have a lot of passwords that look like
> corona-million-binary or ...
That's not secure; four bytes give only 2^32 = 4 billion odd
possibilities. An enemy can easily enumerate them all as the
start of an attack.
> For more information on mnencode see
> <http://www.tothink.com/mnemonic/>.
>
Neat utility, and one I didn't know about. Thanks.
>
> -kb, the Kent who would like to see the kernel's random number
> generator improved
I think we'd all like to see it improved if possible. The question
is how, and why?
>(better entropy estimation, better entropy management,
I see no problems there.
The estimation is of course imperfect, but seems conservative
and reasonable.
There are only two ways I can see to manage entropy -- use a pool
as /dev/random does or just use a couple of hash contexts as
Yarrow does. Methinks the pool approach is better because it
gives a higher upper bound on entropy used. The implementation
in /dev/random looks fine to me, too.
Do you have anything specific? What do you think is wrong in
these areas, and can you suggest a fix?
> ability to supply some initial entropy early in the
> boot--for embedded devices
Once you have a file system, that's easy. Just cat or dd a
saved entropy file into /dev/random. You can play with pool
size #defines in the /dev/random code and constants in the
shellscript to adjust the details.
Do you think you need this before there's a file system? Why?
Or are you thinking of boxes that don't have a file system?
Or not writable? Not local?
> --and even speed),
I suspect that's the real issue. People report using other
things because /dev/urandom is too slow.
Can we speed up /dev/urandom? Or perhaps write a PRNG daemon?
If all we need is a library, there's an RC4-based one named
prng.c in the FreeS/WAN libraries.
http://www.freeswan.org/freeswan_snaps/CURRENT-SNAP/doc/manpage.d/ipsec_prng.3.html
Two threads discussing the desin start at:
http://lists.freeswan.org/pipermail/design/2002-March/002166.html
http://lists.freeswan.org/pipermail/design/2002-March/002207.html
> but the Kent who doesn't
> want the kernel to be exploded into a catalogue of competing random
> number generators.
I'm with you there.
next prev parent reply other threads:[~2003-10-23 3:20 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-10-16 8:22 [RFC] frandom - fast random generator module Eli Billauer
2003-10-16 8:36 ` Nick Piggin
2003-10-16 10:20 ` Eli Billauer
2003-10-16 10:48 ` Nick Piggin
2003-10-16 11:29 ` Jeff Garzik
2003-10-16 12:27 ` Eli Billauer
2003-10-16 15:10 ` Jeff Garzik
2003-10-16 16:20 ` Andreas Dilger
2003-10-16 16:31 ` Jeff Garzik
2003-10-16 18:18 ` Andreas Dilger
2003-10-16 18:52 ` Richard B. Johnson
2003-10-16 19:31 ` Matt Mackall
2003-10-16 20:40 ` Andreas Dilger
2003-10-16 21:03 ` David Wagner
2003-10-16 23:17 ` Jeff Garzik
2003-10-16 23:42 ` Andreas Dilger
2003-10-17 0:34 ` David Wagner
2003-10-16 17:45 ` Matt Mackall
2003-10-16 18:38 ` Andreas Dilger
2003-10-16 19:08 ` Matt Mackall
2003-10-16 20:27 ` Andreas Dilger
2003-10-16 20:37 ` Matt Mackall
2003-10-16 17:31 ` Matt Mackall
2003-10-16 23:03 ` Eli Billauer
2003-10-16 23:07 ` Jeff Garzik
2003-10-16 23:13 ` Matt Mackall
2003-10-16 23:35 ` jw schultz
2003-10-21 19:24 ` bill davidsen
2003-10-21 19:55 ` bill davidsen
2003-10-21 21:21 ` Helge Hafting
2003-10-21 22:18 ` bill davidsen
2003-10-22 1:04 ` H. Peter Anvin
2003-10-21 19:17 ` bill davidsen
2003-10-21 21:00 ` H. Peter Anvin
2003-10-21 22:08 ` bill davidsen
2003-10-22 1:06 ` H. Peter Anvin
2003-10-22 2:56 ` jw schultz
2003-10-22 16:22 ` Kent Borg
2003-10-23 2:46 ` Dale Farnsworth
2003-10-23 3:22 ` Sandy Harris [this message]
2003-10-23 14:15 ` Kent Borg
2003-10-24 17:37 ` bill davidsen
2003-10-24 17:54 ` Theodore Ts'o
2003-10-24 20:59 ` David Wagner
2003-10-24 21:33 ` jw schultz
2003-10-22 3:49 ` Sandy Harris
2003-10-16 10:45 ` Ingo Oeser
2003-10-21 19:30 ` bill davidsen
[not found] <HbGf.8rL.1@gated-at.bofh.it>
[not found] ` <HbQ5.ep.27@gated-at.bofh.it>
[not found] ` <Hdyv.2Vd.13@gated-at.bofh.it>
[not found] ` <HeE6.4Cc.1@gated-at.bofh.it>
[not found] ` <HjaT.3nN.7@gated-at.bofh.it>
[not found] ` <Hjkw.3Al.11@gated-at.bofh.it>
2003-10-16 17:46 ` David Mosberger-Tang
2003-10-16 19:28 ` Eli Billauer
2003-10-16 20:42 ` Andreas Dilger
2003-10-21 19:46 ` bill davidsen
2003-10-16 21:30 ` Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3F97498D.9050704@storm.ca \
--to=sandy@storm.ca \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.