On Thu, Jan 11, 2018 at 08:19:30PM +0000, Dan Brown wrote: > > If an adversary gains access to this interface, then there is a > small risk that sensitive information leaks to the adversary, > because the entropy estimate may be derived from and correlated to > sensitive information.
I'll note that most of the entropy is coming from interrupt timing, and we use timing from many interrupts for a single bit. One can get more information about what is going on with the system using /proc/interrupts. You'll get far more detail about keyboard timings from /proc/interrupts. You can also find out what's happening with incoming network packets using ifconfig.... and then there's vmstat, iostat, ps, etc., etc. So there's quite a lot of system interfaces one would have to restrict before I would even *start* worrying about the entropy count. Regards, - Ted _______________________________________________ dsfjdssdfsd mailing list dsfjdssdfsd@ietf.org https://www.ietf.org/mailman/listinfo/dsfjdssdfsd