Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: regarding the changes to kernel entropy gathering

On Sun, 4 Apr 2021, Greg A. Woods wrote:

At Sun, 4 Apr 2021 09:49:58 +0000, Taylor R Campbell <> wrote:

Your change _creates_ the lie that every bit of data entered this way
is drawn from a source with independent uniform distribution.

No, my change _allows_ the administrator to decide which devices can be
used as estimating/counting entropy sources.  For example I know that
many of the devices on almost all of my machines (virtual or otherwise)
are equally good sources of entropy for their uses.

I think running the /dev/random bit-stream through some statistical
tests, (both on RDRAND/RDSEED-based and estimator-based as in your
patch) would be useful here.

Binary packages already have the dieharder RNG tester. Then, there
is John Walker's ent for PRNGs:

NIST has some too, I believe (I can't locate them right now).


PS. Is there a way to get the bit-stream from the various in-kernel
sources so that we can run them through these sort of tests? That
way we can check--not intuit--how random the bit-streams they
produce really are.

Home | Main Index | Thread Index | Old Index