chip-level randomness?

Bram Cohen bram at gawth.com
Wed Sep 19 04:12:44 EDT 2001


On Tue, 18 Sep 2001, Pawel Krawczyk wrote:

> On Mon, Sep 17, 2001 at 01:44:57PM -0700, Bram Cohen wrote:
> 
> > > What is important, it *doesn't* feed the built-in Linux kernel PRNG
> > > available in /dev/urandom and /dev/random, so you have either to only
> > > use the hardware generator or feed /dev/urandom yourself.
> > That's so ... stupid. Why go through all the work of making the thing run
> > and then leave it unplugged?
> 
> It's not that stupid, as feeding the PRNG from i810_rng at the kernel
> level would be resource intensive,

You only have to do it once at startup to get enough entropy in there.

> not necessary in general case

Since most applications reading /dev/random don't want random numbers
anyway?

> and would require to invent some defaults without any reasonable
> arguments to rely on. Like how often to feed the PRNG, with how much
> data etc.

At startup and with 200 bits of data would be fine.

Of course, there's the religion of people who say that /dev/random output
'needs' to contain 'all real' entropy, despite the absolute zero increase
in security this results in and the disastrous effect it can have on
performance.

-Bram Cohen

"Markets can remain irrational longer than you can remain solvent"
                                        -- John Maynard Keynes
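The one-time seeding Bram describes (read a couple of hundred bits from the hardware generator at startup and hand them to the kernel pool), as an added example in C that is not from the thread or from the i810_rng driver: it assumes the hardware RNG is exposed as /dev/hwrng (an assumption; the 2001 driver used a different node name) and that the caller has the privilege the RNDADDENTROPY ioctl on /dev/urandom requires.

```c
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/random.h>   /* RNDADDENTROPY, struct rand_pool_info */

#define SEED_BYTES 32            /* 256 bits, a little over the 200 suggested above */
#define HWRNG_PATH "/dev/hwrng"  /* assumed node name; the i810_rng of 2001 used another */

/* Build the rand_pool_info RNDADDENTROPY expects (caller frees). Never credit
   more than 8 bits of entropy per byte, whatever the caller asks for. */
struct rand_pool_info *make_pool_info(const unsigned char *seed, size_t n, int credit_bits)
{
    if (credit_bits > (int)(n * 8)) credit_bits = (int)(n * 8);
    struct rand_pool_info *rpi = malloc(sizeof *rpi + n);
    if (rpi == NULL) return NULL;
    rpi->entropy_count = credit_bits;   /* bits added to the kernel's entropy estimate */
    rpi->buf_size = (int)n;             /* bytes of seed material that follow */
    memcpy(rpi->buf, seed, n);
    return rpi;
}

/* Read exactly n bytes from the RNG node; returns how many were actually read. */
size_t read_hwrng(const char *path, unsigned char *out, size_t n)
{
    int fd = open(path, O_RDONLY);
    size_t got = 0;
    for (ssize_t r; fd >= 0 && got < n; got += (size_t)r)
        if ((r = read(fd, out + got, n - got)) <= 0) break;
    if (fd >= 0) close(fd);
    return got;
}

/* Seed the kernel pool once at startup; 0 on success, -1 otherwise (needs root). */
int seed_kernel_pool(const char *hwrng_path, int credit_bits)
{
    unsigned char seed[SEED_BYTES];
    if (read_hwrng(hwrng_path, seed, sizeof seed) != sizeof seed) return -1;
    struct rand_pool_info *rpi = make_pool_info(seed, sizeof seed, credit_bits);
    if (rpi == NULL) return -1;
    int fd = open("/dev/urandom", O_WRONLY);
    int rc = (fd >= 0 && ioctl(fd, RNDADDENTROPY, rpi) == 0) ? 0 : -1;
    if (fd >= 0) close(fd);
    memset(rpi, 0, sizeof *rpi + sizeof seed); free(rpi);  /* scrub seed before free */
    return rc;
}

int main(void) { return seed_kernel_pool(HWRNG_PATH, 200) == 0 ? 0 : 1; }
```

Run it once from an early boot script rather than on a timer; the entropy credit is capped at 8 bits per byte so a caller cannot overstate what the hardware delivered.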




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com