Date: Mon, 12 Mar 2001 14:16:33 -0800 (PST) From: Matt Dillon <dillon@earth.backplane.com> To: Mark Murray <mark@grondar.za> Cc: current@FreeBSD.ORG Subject: Re: Ethernet entropy harvesting seriously pessimizes performance Message-ID: <200103122216.f2CMGXR75489@earth.backplane.com> References: <200103122103.f2CL3YZ74166@earth.backplane.com> <200103122144.f2CLi3f92042@gratis.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
:> down and will work, SNAP, just like that?
:
:Because I need to make folks other than you happy.
:
:Lots of security minded people what _all_ the interrupt entropy
:they can get, and this method gives them that while allowing others
:to throttle the harvester back.
:
:M
:--
:Mark Murray
:Warning: this .sig is umop ap!sdn
And if I were paranoid I could setup an interrupt a thousand times
a second to scan all of physical memory and harvest the randomness
from that.
I am a security minded person... and I am also pragmatic. There's
such a thing as overkill and your random number generator is doing
it in spades. It is entirely unnecessary. Maybe rather then throw
in the overkill you should actually *test* the random number generator
to see where the randomness starts to break down when lowering the
harvest rate. Thousands of harvests a second is just plain insane,
no matter how security minded your 'lots of security minded people'
are. Just ten a second should be plenty good enough, frankly, even
for a paranoid security minded guy, especially considering the amount
of memory the random number generator is using for state.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103122216.f2CMGXR75489>