[17599] in cryptography@c2.net mail archive
Re: /dev/random is probably not
daemon@ATHENA.MIT.EDU (Sidney Markowitz)
Fri Jul 1 18:03:51 2005
X-Original-To: cryptography@metzdowd.com
Date: Sat, 02 Jul 2005 09:06:46 +1200
From: Sidney Markowitz <sidney@sidney.com>
To: cryptography@metzdowd.com
In-Reply-To: <200507011708.50277.root@ihack.net>

Charles M. Hannum wrote:
> Most implementations of /dev/random (or so-called "entropy gathering daemons")
> rely on disk I/O timings as a primary source of randomness

This is not a new or unconsidered problem. Disk caching has always been a
factor in disk I/O. /dev/random uses multiple sources of entropy. The idea
is that some of the sources being deterministic does not diminish the
entropy that comes from good sources, so all can be mixed in. And if your
system does not have any good source of entropy, then you need to add one.

See a discussion back in 2001 on the linux-kernel mailing list for example:
http://www.ussg.iu.edu/hypermail/linux/kernel/0104.1/0064.html

-- Sidney Markowitz
http://www.sidney.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
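
The mixing argument in the message above, as an added example that is not part of the original post and not code from any /dev/random implementation. The SHA-256 chained pool, the names `ToyPool`, `pool_output` and `replay_search`, and the timing values are assumptions constructed for illustration.

```python
import hashlib
import secrets
from itertools import product

# Constructed sample: 64 disk timings an observer can predict exactly
# (for instance reads served from cache).
PREDICTABLE_TIMINGS = [(1000 + 7 * i).to_bytes(4, "big") for i in range(64)]


class ToyPool:
    """Toy pool (assumption for illustration): state = SHA-256(state || len || sample)."""

    def __init__(self):
        self.state = bytes(32)

    def mix(self, sample):
        header = len(sample).to_bytes(4, "big")  # length prefix keeps inputs unambiguous
        self.state = hashlib.sha256(self.state + header + sample).digest()

    def output(self):
        # Hash once more so the output does not reveal the raw pool state.
        return hashlib.sha256(b"output" + self.state).digest()


def pool_output(good_sample=None):
    """Mix all predictable timings, plus one optional sample from a good source."""
    pool = ToyPool()
    for i, timing in enumerate(PREDICTABLE_TIMINGS):
        pool.mix(timing)
        if i == 31 and good_sample is not None:
            pool.mix(good_sample)
    return pool.output()


def replay_search(target, sample_len):
    """Observer who knows every timing tries all samples of sample_len bytes.

    Returns the matching sample or None. Cost is 256**sample_len pool replays,
    set only by the good source, not by how many predictable inputs were mixed.
    """
    for candidate in product(range(256), repeat=sample_len):
        if pool_output(bytes(candidate)) == target:
            return bytes(candidate)
    return None


if __name__ == "__main__":
    print("timings only, reproducible:", pool_output() == pool_output())
    print("8-bit source recovered:", replay_search(pool_output(b"\x5a"), 1))
    strong = secrets.token_bytes(16)  # 128-bit sample from the OS CSPRNG
    print("128-bit source found in 256 tries:", replay_search(pool_output(strong), 1))
```

With only predictable inputs the output is reproducible by anyone who knows them; with one unknown sample mixed in, the search cost depends on that sample's size alone, which is why a system with no good source needs one added.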