From: Tim Walberg <twalberg@mindspring.com>
To: "Richard B. Johnson" <root@chaos.analogic.com>
Cc: Steve Hill <steve@navaho.co.uk>, linux-kernel@vger.kernel.org
Subject: Re: /dev/random in 2.4.6
Date: Wed, 15 Aug 2001 11:29:47 -0500 [thread overview]
Message-ID: <20010815112947.B6067@mindspring.com> (raw)
In-Reply-To: <Pine.LNX.4.21.0108151622570.2107-100000@sorbus.navaho> <Pine.LNX.3.95.1010815113613.28526A-100000@chaos.analogic.com>
In-Reply-To: <Pine.LNX.3.95.1010815113613.28526A-100000@chaos.analogic.com> from Richard B. Johnson on 08/15/2001 10:42
[-- Attachment #1: Type: text/plain, Size: 1228 bytes --]
I may be wrong here - haven't looked at the source lately -
and I'm sure someone will correct me if I am, but I don't
think that network interrupts in general contribute to
the random driver, the theory being that an attacker
could carefully time the packets sent and thus possibly
influence the entropy pool in some way that would gain
some advantage. I don't think this has been proven, just
that network interrupts are not used because of general
paranoia to that effect. The sources I know of that contribute
to the entropy pool are keyboard and mouse interrupts (and
scancodes and pointer positions), some block device timing
information and some other interrupts. Actually, a quick
perusal of 2.4.8-ac3 shows that the sk_mca, 3c523, and ibmlana
network drivers seem to be the only other drivers that
include the SA_SAMPLE_RANDOM bit in their interrupt processing.
So, my guess is that on a system without mouse and keyboard,
you may need to do something (low priority-ish to minimize
performance impact) that generates a fair amount of disk activity
in order to keep the entropy pool full (unless you happen to have
one of the above network drivers).
tw
--
twalberg@mindspring.com
[-- Attachment #2: Type: application/pgp-signature, Size: 175 bytes --]
next prev parent reply other threads:[~2001-08-15 16:30 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-08-15 15:07 /dev/random in 2.4.6 Steve Hill
2001-08-15 15:21 ` Richard B. Johnson
2001-08-15 15:27 ` Steve Hill
2001-08-15 15:42 ` Richard B. Johnson
2001-08-15 16:29 ` Tim Walberg [this message]
2001-08-15 17:13 ` Andreas Dilger
2001-08-16 8:37 ` Steve Hill
2001-08-16 19:11 ` Andreas Dilger
2001-08-16 19:35 ` Alex Bligh - linux-kernel
2001-08-16 20:30 ` Andreas Dilger
2001-08-17 0:49 ` Robert Love
2001-08-17 1:05 ` Robert Love
2001-08-19 17:29 ` David Wagner
2001-08-17 21:18 ` Theodore Tso
2001-08-17 22:05 ` David Schwartz
2001-08-19 15:13 ` Theodore Tso
2001-08-19 15:33 ` Rob Radez
2001-08-19 17:32 ` David Wagner
2001-08-19 23:32 ` Oliver Xymoron
2001-08-20 7:40 ` Helge Hafting
2001-08-20 14:01 ` Oliver Xymoron
2001-08-20 13:37 ` Alex Bligh - linux-kernel
2001-08-20 14:12 ` Oliver Xymoron
2001-08-20 14:40 ` Alex Bligh - linux-kernel
2001-08-20 14:55 ` Chris Friesen
2001-08-20 15:22 ` Oliver Xymoron
2001-08-20 15:25 ` Doug McNaught
2001-08-20 15:42 ` Chris Friesen
2001-08-21 10:03 ` Steve Hill
2001-08-21 18:14 ` David Wagner
2001-08-20 16:01 ` David Wagner
2001-08-20 19:30 ` Gérard Roudier
2001-08-20 15:07 ` Oliver Xymoron
2001-08-21 8:33 ` Alex Bligh - linux-kernel
2001-08-21 16:13 ` Oliver Xymoron
2001-08-21 17:44 ` Alex Bligh - linux-kernel
2001-08-21 18:24 ` David Wagner
2001-08-21 18:49 ` Alex Bligh - linux-kernel
2001-08-21 19:04 ` Oliver Xymoron
2001-08-21 19:20 ` Alex Bligh - linux-kernel
2001-08-21 21:44 ` Robert Love
2001-08-21 18:19 ` David Wagner
2001-08-20 16:00 ` David Wagner
2001-08-21 1:20 ` Theodore Tso
2001-08-21 8:39 ` Alex Bligh - linux-kernel
2001-08-21 10:46 ` Marco Colombo
2001-08-21 12:40 ` Alex Bligh - linux-kernel
2001-08-21 17:06 ` cfs+linux-kernel
2001-08-21 17:48 ` Alex Bligh - linux-kernel
2001-08-21 18:27 ` David Wagner
2001-08-21 18:25 ` David Wagner
2001-08-20 22:55 ` D. Stimits
2001-08-21 1:06 ` David Schwartz
2001-08-19 17:31 ` David Wagner
2001-08-19 17:27 ` David Wagner
2001-08-15 19:25 ` Alex Bligh - linux-kernel
2001-08-15 20:55 ` Robert Love
2001-08-15 21:27 ` Alex Bligh - linux-kernel
2001-08-16 8:55 ` Steve Hill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010815112947.B6067@mindspring.com \
--to=twalberg@mindspring.com \
--cc=linux-kernel@vger.kernel.org \
--cc=root@chaos.analogic.com \
--cc=steve@navaho.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox