On Sun, Apr 04, 2021 at 09:24:56PM +0000, RVP wrote: > PS. Is there a way to get the bit-stream from the various in-kernel > sources so that we can run them through these sort of tests? That > way we can check--not intuit--how random the bit-streams they > produce really are.
Part of the problem here is that most of the non-RNG data sources are easily observable either from the local system (e.g. any malicious user) or other VMs on the same machine (in case of a hypervisor) or local machines on the same network (in case of network interrupts). That's the real reason why their entropy is hard to estimate. It becomes even more annoying with modern hardware features like interrupt moderation of nics. They can make the timing of interrupts highly predicable. Joerg