Re: insufficient entropy for rnd

To: David Laight <david%l8s.co.uk@localhost>
Subject: Re: insufficient entropy for rnd
From: Daniel Carosone <dan%geek.com.au@localhost>
Date: Fri, 22 Aug 2003 17:23:29 +1000

On Fri, Aug 22, 2003 at 06:38:10AM +0100, David Laight wrote:
> > In particular, that any amount of noise, from any source, fed into
> > the pool will help, while no amount of predictable input will harm.
> 
> Except that the count of the amount of entropy in the pool will be
> too high.

That's a possibility, but I'm not convinced of even that as a real
danger:

  sources which might easily be fed known data, such as writes to
  /dev/random, are not flagged "estimate", so won't add to the "count"

  if a user enables "collect" on, say, -t net, they can still leave
  estimation off.

  even those have sample times added as well as the known data,
  which on a platform with cycle counters has a very strong chance
  of unknown LS bits.

--
Dan.

References:
- Re: insufficient entropy for rnd
  - From: Daniel Carosone
- Re: insufficient entropy for rnd
  - From: Michael Richardson
- Re: insufficient entropy for rnd
  - From: Daniel Carosone
- Re: insufficient entropy for rnd
  - From: David Laight

Prev by Date: Re: insufficient entropy for rnd
Next by Date: Re: insufficient entropy for rnd
Previous by Thread: Re: insufficient entropy for rnd
Next by Thread: Re: insufficient entropy for rnd
Indexes:

Home | Main Index | Thread Index | Old Index