Intel 810 Random Number Generator
H. Peter Anvin
hpa en transmeta.com
Mar Ene 25 02:36:34 CST 2000
Followup to: <20000124161304.A21992 en atrey.karlin.mff.cuni.cz>
By author: Pavel Machek <pavel en suse.cz>
In newsgroup: linux.dev.kernel
>
> hi!
>
> > > > Is it feasible to offer a compile-time option which simply replaces
> > > > /dev/random?
> > >
> > > Methinks that would be an error. You'd be trusting the RNG too much.
> > > Use it as an input to /dev/random by all means, but not as a
> > > replacement.
> >
> > Either you trust RNG or you don't. There is no middle ground.
>
> I just trust hardware RNG to be more random then keypresses. Yes there
> is middle ground.
>
> > If you do not trust RNG, then using it as a /dev/random entropy source
> > is pointless. Why introduce theoretically non-random entropy to the
> > /dev/random pool?
>
> We already include keypresses in /dev/random pool. They are not
> random, are they? Network packet timing is also far from random, is
> it? But both are still valuable sources of data.
>
The only issue is how much do you bump the enthrophy counter. If you
bump it 0 everytime, you could enter constant data without problems
(in fact, some sources bump 0 because we can't *guarantee* that they
have more enthropy than that.) If you bump it more than that, you are
making the promise that *at least* that much enthropy was injected in
the pool.
-hpa
--
<hpa en transmeta.com> at work, <hpa en zytor.com> in private!
"Unix gives you enough rope to shoot yourself in the foot."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
Más información sobre la lista de distribución Ayuda