> On Dec 21, 2019, at 5:08 PM, Taylor R Campbell <[email protected]> wrote:
>
> The attached patch set reworks the kernel entropy subsystem.
>
> ...
> - For (e.g.) keyboard interrupt and network packet timings, this
> is zero, because an adversary can cause events to happen with
> timing that leads to predictable samples entering the pool.

That seems overly pessimistic, depending on the timer resolution. If you have
a CPU cycle timer, then it is perfectly reasonable to claim a bit or two of
entropy, since an adversary doesn't have the ability to control the timing of
those events to nanosecond accuracy, nor the ability to control internal
processing delays (like memory cache misses) which introduce variability way in
excess of a CPU cycle.
paul
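The disagreement above is really about how much min-entropy the low-order bits of an event timestamp carry once an adversary controls the coarse timing, and how that depends on timer resolution. The following is an added illustration, not code from the NetBSD patch set or from either poster: it models an adversary who schedules events at a fixed period, adds a constructed, uncontrollable processing-delay jitter of a few dozen cycles, quantizes the result with a timer of a given resolution, and then applies the most-common-value min-entropy estimator (the point estimate only, without the SP 800-90B confidence bound) to the low bits of successive inter-arrival deltas. All parameters (period, jitter range, resolution, seed) are assumed values chosen for the model.

```python
import math
import random
from collections import Counter


def min_entropy_mcv(samples):
    """Most-common-value min-entropy estimate, in bits per sample.

    Point estimate -log2(p_max) only; SP 800-90B additionally takes an
    upper confidence bound on p_max, which we omit here for clarity.
    """
    counts = Counter(samples)
    p_max = max(counts.values()) / len(samples)
    return -math.log2(p_max)


def simulate_event_timestamps(n, adversary_period_cycles, jitter_cycles,
                              timer_resolution_cycles, rng):
    """Constructed model of adversary-driven events.

    The adversary fires one event every `adversary_period_cycles` (it fully
    controls this part). Each event then suffers a delay drawn uniformly from
    [0, jitter_cycles] that the adversary cannot control (cache misses, bus
    contention, etc.). The kernel reads a timer that only resolves
    `timer_resolution_cycles`, so the recorded stamp is the quantized value.
    """
    t = 0
    stamps = []
    for _ in range(n):
        t += adversary_period_cycles
        observed = t + rng.randint(0, jitter_cycles)
        stamps.append(observed // timer_resolution_cycles)
    return stamps


def low_bits_of_deltas(stamps, bits):
    """What an entropy pool would typically mix in: low bits of each delta."""
    mask = (1 << bits) - 1
    return [(b - a) & mask for a, b in zip(stamps, stamps[1:])]


def estimate_per_sample_entropy(adversary_period, jitter, resolution,
                                bits=8, n=20000, seed=1):
    """Min-entropy (bits) of the low `bits` of inter-arrival deltas under
    the constructed model. Deterministic for a fixed seed."""
    rng = random.Random(seed)
    stamps = simulate_event_timestamps(n, adversary_period, jitter,
                                       resolution, rng)
    return min_entropy_mcv(low_bits_of_deltas(stamps, bits))


if __name__ == "__main__":
    # Assumed: 100k-cycle adversary period, 64 cycles of uncontrollable jitter.
    print("cycle timer, no jitter      :",
          estimate_per_sample_entropy(100_000, 0, 1))
    print("microsecond-ish timer (1000c):",
          estimate_per_sample_entropy(100_000, 64, 1000))
    print("cycle timer, 64c jitter     :",
          estimate_per_sample_entropy(100_000, 64, 1))
```

With no jitter, or with a timer too coarse to see the jitter, every delta is identical and the estimator reports zero, which is the case the patch set's conservative accounting assumes. With a cycle-resolution timer and jitter larger than one cycle, the low bits of the deltas spread out and the estimator reports several bits per sample. The number it reports is entirely a property of the assumed jitter model, so the practical lesson is that any non-zero credit for interrupt timings has to be backed by measurement on the actual hardware rather than by either figure in this thread.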