[Cryptography] cheap sources of entropy
James A. Donald
Jamesd at echeque.com
Sat Feb 1 23:02:15 EST 2014
On 2014-02-02 09:07, Theodore Ts'o wrote:
> On Sun, Feb 02, 2014 at 07:58:58AM +1000, James A. Donald wrote:
>> Underneath all that are real material disk drives, which have
>> turbulence. The turbulence causes random and entirely unpredictable
>> timing variations, which unpredictability and variation propagate
>> all the way to the VM
> *Maybe*. There could be enough quantization errors such that you're
> not really measuring this.
But there are not.
To introduce a quantization error in timing, would need to delay in an
idle loop until the counter reached a round number. This slows stuff
down for no good reason.
Just as to suppress thermal noise in a microphone input reduces sound
quality for no good reason.
> Consider what might happen if the VMs are being scheduled by the host OS
> with a scheduling quantum measured in 10's of milliseconds
Your VM is scheduled. It attempts to read something from disk. That
part of the disk has not yet been read into memory and cached. Your VM
immediately gets idled. Another VM gets woken from idle.
Disk read completes at a time that depends on disk turbulence. The real
machine now has to do something with the data. Letting it pile up to
the next scheduling quantum is going to result in the disk head passing
over the next disk sector, resulting in a painfully slow read. So,
unless your real machine is crazy inefficient, it is going to
immediately wake the consumer of the data at a time that depends on disk
turbulence, in the hope that it can read sectors sequentially as the
platter spins.
More information about the cryptography
mailing list