Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On Sun, Feb 10, 2013 at 08:32:37PM +0100, Stephan Mueller wrote: > > Given all your doubts on the high-precision timer, how can you > reasonably state that the Linux kernel RNG is good then? Because we're measuring intervals that are substantially larger than "CPU jitter". (i.e., inputs from key

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On Sun, Feb 10, 2013 at 2:32 PM, Stephan Mueller wrote: > On 10.02.2013 19:50:02, +0100, Theodore Ts'o wrote: > Given all your doubts on the high-precision timer, how can you > reasonably state that the Linux kernel RNG is good then? > > The data from add_timer_randomness the kernel feeds into

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On 10.02.2013 19:50:02, +0100, Theodore Ts'o wrote: Hi Ted, > On Sun, Feb 10, 2013 at 01:46:18PM +0100, Stephan Mueller wrote: >> However, the CPU has timing jitter in the execution of instruction. And >> I try to harvest that jitter. The good thing is that this jitter is >> always present and ca

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On Sun, Feb 10, 2013 at 1:50 PM, Theodore Ts'o wrote: > On Sun, Feb 10, 2013 at 01:46:18PM +0100, Stephan Mueller wrote: >> >> However, the CPU has timing jitter in the execution of instruction. And >> I try to harvest that jitter. The good thing is that this jitter is >> always present and can b

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On Sun, Feb 10, 2013 at 01:46:18PM +0100, Stephan Mueller wrote: > > However, the CPU has timing jitter in the execution of instruction. And > I try to harvest that jitter. The good thing is that this jitter is > always present and can be harvested on demand. How do you know, though, that this is

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

OK, my original reading of the mixing code was not accurate. This time around, I started with the original posted tarball and turned the use of the CPU clock into a very simple and clearly bad "clock" that will provide no entropy. --- jitterentropy-0.1/jitterentropy.c 2013-02-08 15:22:22.0

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On 10.02.2013 02:57:51, +0100, Jeff Epler wrote: Hi Jeff, > On Sat, Feb 09, 2013 at 01:06:29PM -0500, Theodore Ts'o wrote: >> For that reasons, what I would suggest doing first is generate a >> series of outputs of jitterentropy_get_nstime() followed by >> schedule(). Look and see if there is an

Re: [RFC][PATCH] Entropy generator with 100 kB/s throughput

On 09.02.2013 19:06:29, +0100, Theodore Ts'o wrote: Hi Ted, thank you for the review. > On Fri, Feb 08, 2013 at 11:04:54PM +0100, Stephan Mueller wrote: >> * an array of statistical test suites pass the output of the entropy >> collector >> (again, the output is not mangled with cryptography)