Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-23 Thread Stephan Mueller
Hi Sandy, On Wed, 22 May 2013 13:40:04 -0400 Sandy Harris sandyinch...@gmail.com wrote: [...] What I'm against is relying only on solutions such as HAVEGE or replacing /dev/random with something scheme that only relies on CPU timing and ignores interrupt timing. My

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-22 Thread Stephan Mueller
On Tue, 21 May 2013 17:39:49 -0400 Sandy Harris sandyinch...@gmail.com wrote: Hi Sandy, On Tue, May 21, 2013 at 3:01 PM, Theodore Ts'o ty...@mit.edu wrote: I continue to be suspicious about claims that userspace timing measurements are measuring anything other than OS behaviour. Yes,

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-22 Thread Sandy Harris
Stephan Mueller smuel...@chronox.de wrote: Ted is right that the non-deterministic behavior is caused by the OS due to its complexity. ... For VM's, it means we should definitely use paravirtualization to get randomness from the host OS. ... That is already in place at least with KVM

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-22 Thread Stephan Mueller
On Wed, 22 May 2013 13:40:04 -0400 Sandy Harris sandyinch...@gmail.com wrote: Hi Sandy, Stephan Mueller smuel...@chronox.de wrote: Ted is right that the non-deterministic behavior is caused by the OS due to its complexity. ... For VM's, it means we should definitely use

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-21 Thread Sandy Harris
I very much like the basic notion here. The existing random(4) driver may not get enough entropy in a VM or on a device like a Linux router and I think work such as yours or HAVEGE (http://www.irisa.fr/caps/projects/hipsor/) are important research. The paper by McGuire et al of Analysis of

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-21 Thread Stephan Mueller
On Tue, 21 May 2013 12:09:02 -0400 Sandy Harris sandyinch...@gmail.com wrote: Hi Sandy, I very much like the basic notion here. The existing random(4) driver may not get enough entropy in a VM or on a device like a Linux router and I think work such as yours or HAVEGE (

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-21 Thread Theodore Ts'o
I continue to be suspicious about claims that userspace timing measurements are measuring anything other than OS behaviour. But that doesn't mean that they shouldn't exist. Personally, I believe you should try to collect as much entropy as you can, from as many places as you can. For VM's, it

Re: [PATCH][RFC] CPU Jitter random number generator (resent)

2013-05-21 Thread Sandy Harris
On Tue, May 21, 2013 at 3:01 PM, Theodore Ts'o ty...@mit.edu wrote: I continue to be suspicious about claims that userspace timing measurements are measuring anything other than OS behaviour. Yes, but they do seem to contain some entropy. See links in the original post of this thread, the