Intel 810 Random Number Generator

[Pavel Machek]

Hi!

> > Very easy to work around.  A keyboard that's being pounded on
> > generates:
> > 
> > MAKE BREAK MAKE BREAK MAKE BREAK MAKE BREAK
> > 
> > A keyboard that's autorepeating generates:
> > 
> > MAKE MAKE MAKE MAKE MAKE MAKE MAKE MAKE MAKE
> > 
> > Therefore, you ignore a MAKE signal from any key that you already know
> > is down. 
> 
> PGP did this by ignoring two strokes from one key in a row, so you had to
> alternate between at least two keys.

Yes, but do you think me alternating between two keys at fastest speed
possible is giving much random data? I just timed myself, and it gives
something like 9chars/second. Thats well around jiffie
resolution. [ok, on pentium+ rng uses rdtsc, but no such thing is done
for other architectures]

Should we put "while sitting on linux machine do NOT press
two-key-sequence at fastest possible rate, because it could drain all
randomness out of entropy pool"?

Certainly not.

BTW I could imagine game which made you press keystrokes IT wants at
time IT wants (actually, many games more or less are like
this). That's of course dangerous because game now controls what goes
into entropy pool!

Sources we use for gaining randomness are not much random at all, so I
think adding i820 [which was _designed_ as random generator, unlike
keyboard, mouse, and network card!] as yet another randomness source
should be safe.

People seem to care for NSA adding hooks. But it would be certainly
easier to add other hooks [like switch me to ring0 when I do this 8
byte sequence of instructions]. People seem to run statistic tests on
poor i820 rng, but noone runs the same test on keyboard...

								Pavel
-- 
I'm pavel en ucw.cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents me at discuss en linmodems.org

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/