Subject: Re: insufficient entropy for rnd
To: None <>
From: Michael Richardson <>
List: tech-crypto
Date: 08/21/2003 11:19:35

>>>>> "Daniel" == Daniel Carosone <> writes:
    Daniel> On Wed, Aug 20, 2003 at 09:23:43PM -0000, Peter Hendrickson
    Daniel> wrote:
    >> I have some code which implements an entropy monitoring daemon.  When
    >> your entropy pool runs low, it frobs the disk until the level is
    >> restored:

    Daniel> Without actually having looked at it yet, this is useful. There
    Daniel> are a whole class of things that can be done to improve "entropy"
    Daniel> gathering from userspace, this is one useful idea.

    Daniel> Many other things can help, especially as you (root) can write to
    Daniel> /dev/random to stir more data into the pool from userspace
    Daniel> sources.

    Daniel> pointed at lava lamps, fish tanks, busy streets, etc.  - various
    Daniel> hobby or commercial rng devices (diode noise, etc)

  Check out:

    Daniel> Most of these measures are basically unnecessary if you have one
    Daniel> of the newer i386 motherboards with hardware RNG, and for most

  If you speak about Intel's RNG's, then it is my understanding that it is
impossible to prove that this source isn't biased, since the bit stream has
already been whitened. "Trust us" says Intel.

]      Out and about in Ottawa.    hmmm... beer.                |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] |device driver[
] panic("Just another Debian/notebook using, kernel hacking, security guy");  [

Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys - custom hacks make this fully PGP2 compat