Re: RND_TYPE_RNG question concerning rate of random bits production

["Perry E. Metzger" <perry%piermont.com@localhost>]

On Wed, 15 Jan 2014 20:28:17 -0500 Thor Lancelot Simon
<tls%panix.com@localhost> wrote:
> On Wed, Jan 15, 2014 at 05:26:34PM -0600, Frank Zerangue wrote:
> > I am writing a driver for an arm random number generator
> > accelerator to provide a source of random bits to rnd_pool.
> > 
> > How does one know at what rate to supply random bits to the pool
> > using rnd_add_data()? Assume for a moment that more bits/sec can
> > be generated than are needed, what criteria should be used to
> > decide the rate to provide bits to the pool? Is there any
> > feedback mechanism that can be used to govern the flow?
> 
> You can arrange to be polled for entropy when it's needed.  Have a
> look at the hifn, amdpm, or bcm2835 RNG drivers.

Note that there has been recent work on formal analysis of CPRNGs
like the ones used by various Unix kernels. They tend to indicate
that proper entropy estimation is not as important as rendering the
generator robust against bad entropy estimates. See, for example:

http://www.cs.nyu.edu/~dodis/ps/rng.pdf

Perry
-- 
Perry E. Metzger                perry%piermont.com@localhost