[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Entropy Patch with Linebreaks
From: |
Marcus Brinkmann |
Subject: |
Re: Entropy Patch with Linebreaks |
Date: |
Thu, 23 Aug 2007 13:07:30 +0200 |
User-agent: |
Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (Shijō) APEL/10.6 Emacs/23.0.0 (i486-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) |
At Sun, 12 Aug 2007 11:47:28 +0200,
Samuel Thibault <samuel.thibault@ens-lyon.org> wrote:
> > + /* Sune Kirkeby's entropy patch (which was a port of the
> > + linux entropy drivers for GNU mach) placed the keyboard
> > + entropy source here. I looked at that for an idea of where
> > + how to do write this driver. */
> > + entropy_putchar(scancode | (up ? 0200 : 0), ENTROPY_LOW_QUALITY);
>
> Why low quality? I know people always use the same commands (ls, mv...)
> but the order in which they type them is to my mind a very good source
> of entropy. Also, the _time_ when characters are typed should be the
> best source of entropy, you should really take that into account.
A careful analysis of "quality" produced by various sources can be found in:
Thomas Biege
Analysis of a strong Random Number Generator
http://www.suse.de/~thomas/papers/random-analysis.pdf
This paper does not include keyboard and mouse activity but focuses on
initialization at boot time. Thus, more important than the result
(which, in summary, is that booting to a static configuration does not
produce good entropy) is the description of the methods used to
measure entropy.
It's a good idea to be conservative about entropy measurements.
Commonly it is overestimated by a large margin.
Thanks,
Marcus