tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: getrandom and getentropy

On Tue, May 12, 2020 at 04:59:52PM +0300, Andreas Gustafsson wrote:
> I don't particularly care if we require 100 or 384 bits of estimated
> entropy, nor do I particularly care if the entropy estimate of a
> keystroke timestamp is 0 or 1 bit.  But I do very much care that if I
> accidentally try to generate an ssh key on a system that has no
> entropy at all, it must not succeed.

Once more and alone and maybe it will sink in:

    There is no reasonable way to estimate system entropy. 

Please think what that statement means. Consider for fun emulating a 20
year old computer with a deterministic high precision model keeping all
storage in memory. There is no source of entropy in such a system and no
way for the emulation to tell.


Home | Main Index | Thread Index | Old Index