tech-kern archive


Re: Patch: new random pseudodevice



> 
> -----Original Message-----
> From: tech-kern-owner%NetBSD.org@localhost 
> [mailto:tech-kern-owner%NetBSD.org@localhost] On Behalf Of Mouse
> Sent: Friday, December 09, 2011 2:34 PM
> To: tech-security%NetBSD.org@localhost; tech-kern%NetBSD.org@localhost; 
> tech-crypto%NetBSD.org@localhost
> Subject: Re: Patch: new random pseudodevice
> 
>> You are aware of the fact that 99.99% of computers don't have true 
>> random number generators and the bits you claim that are random are 
>> not random at all?
> 
> Actually, practically all computers have true random number generators.
> The first problem is that neither they nor their interfaces are designed as 
> such, so getting the randomness out of them and into the system 
> is...interesting.  The second problem is that nobody really knows just how 
> good the resulting randomness is - that is, while there is true randomness 
> there, nobody knows just how much information content there is in each 
> "random" bit.  (The latter is one reason for whitening input bits as they are 
> gathered.)
> 
> These random number generators are things like the turbulence inside disk 
> drives and the noise in sound input.

I would hate to pay attention to sound input.  But crypto engines usually have 
a thing like this, which may be based on multiple free running oscillators or 
some such scheme.  (That's essentially what old time Ethernet chips like Lance 
did -- though not Intel, which got it horribly wrong.)

The thing to do with any purported "true random number generator" in hardware 
is to feed it into the entropy input of the /dev/random driver.  That way it 
can do no harm and will do some good -- how much good depends on the merits of 
the hardware.  For example, any question of systematic bias no longer matters.

        paul
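The point about feeding a hardware generator into the pool's entropy input, as an added example that is not part of the original message and is not NetBSD's /dev/random driver code: a toy SHA-256 pool showing that a heavily biased source comes out unbiased after mixing and that a stuck source cannot erase what the pool already holds. The class and function names, the 90% bias and the seed strings are assumptions made for illustration.

```python
import hashlib
import random

class EntropyPool:
    """Toy hash-based pool: a model of the idea, not a kernel implementation."""
    def __init__(self, seed: bytes = b""):
        self._state = hashlib.sha256(b"init" + seed).digest()
        self._counter = 0

    def add_entropy(self, sample: bytes) -> None:
        # The new state depends on the old state AND the sample, so a bad
        # sample cannot remove unpredictability that is already in the pool.
        self._state = hashlib.sha256(self._state + sample).digest()

    def read(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self._counter += 1
            block = b"out" + self._state + self._counter.to_bytes(8, "big")
            out += hashlib.sha256(block).digest()
        # Ratchet the state so earlier output cannot be recomputed from it.
        self._state = hashlib.sha256(b"next" + self._state).digest()
        return out[:n]

def biased_source(rng: random.Random, nbytes: int, p_one: float = 0.9) -> bytes:
    """Constructed stand-in for a flawed hardware RNG: each bit is 1 with
    probability p_one. `random` is used only to make the demo reproducible."""
    return bytes(sum((rng.random() < p_one) << i for i in range(8))
                 for _ in range(nbytes))

def ones_fraction(data: bytes) -> float:
    return sum(bin(b).count("1") for b in data) / (8 * len(data))

def demo():
    raw = biased_source(random.Random(2011), 4096)
    pool = EntropyPool()
    for i in range(0, len(raw), 32):
        pool.add_entropy(raw[i:i + 32])
    mixed = pool.read(4096)
    # A stuck source (all zero bytes) fed to two pools with different prior
    # state: the outputs still differ, so the dead input did no harm.
    a, b = EntropyPool(b"secret-A"), EntropyPool(b"secret-B")
    a.add_entropy(bytes(32))
    b.add_entropy(bytes(32))
    return ones_fraction(raw), ones_fraction(mixed), a.read(16) != b.read(16)

if __name__ == "__main__":
    print(demo())
```

How much real unpredictability the pool gains still depends on the source; mixing removes the bias from the output, it does not create entropy that was never there.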



