Date: Sat, 22 Jul 2000 18:20:13 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Poul-Henning Kamp <phk@critter.freebsd.dk> Cc: Brian Fundakowski Feldman <green@FreeBSD.ORG>, "Louis A. Mamakos" <louie@TransSys.COM>, arch@FreeBSD.ORG Subject: Re: Quantifying entropy Message-ID: <Pine.BSF.4.21.0007221750110.42488-100000@freefall.freebsd.org> In-Reply-To: <345.964276024@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 22 Jul 2000, Poul-Henning Kamp wrote:
> Not to be attacking Brian in particular, but I am getting pretty
> damn tired of seing any suggestion put forth in this thread getting
> shot down from black helicopters by Elvis.
It's sensible to consider possible attacks against the entropy source, but
it's also dependant on the threat model you choose - for most people,
radio signal-jamming by men in black suits is probably not on their threat
radar :-)
Really, the question to ask is "can this source be used to gather bits
which are not under the control of an attacker with modest resources, or
visible to him?" The answer for most things is "yes, to some extent" at
which point further speculation becomes useless until someone actually
implements the measurement hooks and tests them for quality. For example,
the "safest" use for the radio receiver may be from the intrinsic sampling
noise.
Which hooks should be used on a system and what weight they should be
given is a matter for local policy and customization and should be exposed
to the administrator (with "reasonable" system defaults).
> Yes, of course I could simulate the local quardrant of the galaxy
> at a quantummechanical level and predict everything, but is it
> really realistic ?
Actually mainstream physics says this is not even possible, so you can
rest easy on that front :-)
> I can only applaud and congratulate MarkM on what he has managed
> to do so far in the face of an infinite army of bikeshed building
> arm-chair generals.
I havent seen anyone attacking Mark for what he has done. He was attacked
for his methods in introducing it to FreeBSD, and there are implementation
and algorithmic details yet to be resolved to everyone's satisfcation, but
I think everyone agrees that it's a fundamentally good and useful thing.
To paraphrase a saying: when the only discussion metaphor you have is a
bikeshed, all the world looks green :-)
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007221750110.42488-100000>