On Sat, Jan 14, 2012 at 05:34:06PM +0100, Andy Polyakov wrote: > > Comments on http://www.openssl.org/~appro/OPENSSL_instrument_bus/ are > welcomed.
I'd be more comfortable with this if I understood what physical process might be generating the entropy. For example, I've been working on a version of the old TrueRand code, timing independent oscillators on the same system against each other; on a modern system, you've usually got a number of clocks that derive from different oscillators: the processor clock, the system clock, and the clocks used for audio input/output are a good bet (this is a somewhat safer way to use audio hardware as a random number source). The source of the underlying entropy in that case is reasonbly well understood and accepted: the slip of the different oscillators really is random, since it results from thermal events, and though its trend can be characterized according to temperature, that will be _different_ for each oscillator, so measuring them against each other should be safe. But here, I think you're measuring the difference between two clocks that are derived from the same oscillator. That is worrisome. It seems possible an adversary could analyze the device and describe the jitter mathematically even if it's too complex to show up in your FFT tests. Where does the underlying entropy come from, and does its safety depend on the clock distribution hierarchy of the system where this code runs? Thor ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
