Date:      Fri, 12 Jan 2001 15:46:30 +0200
From:      Mark Murray <mark@grondar.za>
To:        Nate Dannenberg <natedac@kscable.com>
Cc:        current@FreeBSD.ORG
Subject:   Re: entropy bikesheds 
Message-ID:  <200101121346.f0CDkVI13562@gratis.grondar.za>
In-Reply-To: <Pine.BSF.4.31.0101120042000.56776-100000@flute.daconcepts.dyndns.org> ; from Nate Dannenberg <natedac@kscable.com>  "Fri, 12 Jan 2001 01:05:12 CST."
References:  <Pine.BSF.4.31.0101120042000.56776-100000@flute.daconcepts.dyndns.org> 

> Start some kind of hardware-managed timer at the earliest possible
> opportunity (perhaps start it in the boot loader!), then when you need to
> pick up your first seed, read the timer's value and seed your random
> generator from that.

I have some much more sophisticated code (written by JHB) that does
effectively this. It does it by hooking interrupt randomness, and by
using the interrupts from your disk controllers (SCSI and IDE/ATA),
a nicely fast reseed is gained.

I'll happily commit it now, but I'd prefer a code review first, and
I suspect that this will be better received once Jake's preemptive
ithread code is committed.

> The idea is to catch that timer at an unknown condition, and certainly the
> computer is not going to boot in the exact same amount of time, every time
> it's restarted.  This would be especially true if the boot sequence gets
> interrupted (to load another kernel perhaps) or the user forces the
> machine into single-user mode while it's booting.

All entropy harvesting uses some kind of harvesting. On i386,
(Pentium and better) it is the TSC register. 80386 and 80486 use
nanotime(9) and other CPUs have a TSC-like register.

> In my hobby platform, it's common to start the timer, then grab a value
> from it after the user hits a key after viewing some introduction screen.
> The value grabbed is often used as the actual random number, but it could
> be just as useful if used to seed a random generator.

SOP :-)

> If you're particularly paranoid, you set both timers for 32-bit mode,
> start one first thing at startup, and the other when the user hits the
> key, then read both of them the first time a random number is needed.
> Seed your random generator from that, along with any other sources you can
> (such as the video raster counter and the sound device's readable
> oscillator, set to generate a noise waveform).

Slight overkill, when the TSC register is already used and deliberately
underestimated to improve randomness quality.

M
-- 
Mark Murray
Warning: this .sig is umop ap!sdn
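
Added example, not part of the original message and not FreeBSD's harvesting code: a sketch of crediting entropy to interrupt timestamps while deliberately underestimating it, as the reply describes. The struct, the function names, the 2-bit cap and the delta-based estimator are assumptions chosen for illustration, and the timestamps are constructed samples.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_BITS_PER_EVENT 2    /* assumed cap: credit far less than log2(jitter) */
struct harvest {                /* hypothetical state, zero-initialised */
    uint64_t pool, last_t;      /* stand-in mixing pool; previous timestamp */
    int64_t  last_d1, last_d2;  /* previous first- and second-order deltas */
    unsigned seen, credited;    /* events fed; estimated entropy in bits */
};

static uint64_t mag(int64_t v) { return v < 0 ? -(uint64_t)v : (uint64_t)v; }
/* Feed one event timestamp (e.g. a cycle counter read in an interrupt
 * handler); returns the number of bits credited for it. */
unsigned harvest_event(struct harvest *h, uint64_t t)
{
    int64_t d1 = (int64_t)(t - h->last_t);
    int64_t d2 = d1 - h->last_d1;
    int64_t d3 = d2 - h->last_d2;
    h->last_t = t; h->last_d1 = d1; h->last_d2 = d2;
    /* Every sample is mixed in whether or not it earns credit. This rotate
     * and multiply is a placeholder for a cryptographic hash. */
    h->pool = (((h->pool << 7) | (h->pool >> 57)) ^ t) * 0x9E3779B97F4A7C15ULL;
    if (++h->seen < 4) return 0;    /* deltas are not all valid until event 4 */
    uint64_t m = mag(d1);           /* the smallest delta bounds the surprise */
    if (mag(d2) < m) m = mag(d2);
    if (mag(d3) < m) m = mag(d3);
    unsigned bits = 0;
    while (m > 1 && bits < MAX_BITS_PER_EVENT) { m >>= 1; bits++; }
    h->credited += bits;            /* a reseed would be gated on this total */
    return bits;
}

/* Total credit for a run of timestamps, starting from empty state. */
unsigned credit_run(const uint64_t *ts, size_t n)
{
    struct harvest h = {0};
    for (size_t i = 0; i < n; i++) harvest_event(&h, ts[i]);
    return h.credited;
}

int main(void)
{
    uint64_t tick[]   = {1000, 2000, 3000, 4000, 5000, 6000};  /* periodic */
    uint64_t drift[]  = {100, 210, 330, 460, 600, 750};        /* steady drift */
    uint64_t jitter[] = {1000, 2370, 3275, 4887, 6020, 7518};  /* irregular */
    printf("%u %u %u\n", credit_run(tick, 6), credit_run(drift, 6), credit_run(jitter, 6));
    return 0;
}
```

A periodic or steadily drifting source earns no credit because its second- or third-order delta is zero, while the irregular samples earn only the capped 2 bits per event even though their jitter spans hundreds of counts.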

