tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: [PATCH] Kernel entropy rework
> On Dec 21, 2019, at 5:08 PM, Taylor R Campbell <riastradh%NetBSD.org@localhost> wrote:
>
>
>
> The attached patch set reworks the kernel entropy subsystem.
>
> ...
> - For (e.g.) keyboard interrupt and network packet timings, this
> is zero, because an adversary can cause events to happen with
> timing that leads to predictable samples entering the pool.
That seems overly pessimistic, depending on the timer resolution. If you have a CPU cycle timer, then it is perfectly reasonable to claim a bit or two of entropy, since an adversary doesn't have the ability to control the timing of those events to nanosecond accuracy, nor the ability to control internal processing delays (like memory cache misses) which introduce variability way in excess of a CPU cycle.
paul
Home |
Main Index |
Thread Index |
Old Index