[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130922232337.GD7321@thunk.org>
Date: Sun, 22 Sep 2013 19:23:37 -0400
From: Theodore Ts'o <tytso@....edu>
To: "H. Peter Anvin" <hpa@...or.com>
Cc: Linux Kernel Developers List <linux-kernel@...r.kernel.org>,
joern@...fs.org, macro@...ux-mips.org, ralf@...ux-mips.org,
dave.taht@...il.com, blogic@...nwrt.org, andrewmcgr@...il.com,
smueller@...onox.de, geert@...ux-m68k.org, tg@...bsd.de
Subject: Re: [PATCH, RFC 10/12] random: cap the rate which the /dev/urandom
pool gets reseeded
On Sun, Sep 22, 2013 at 03:45:11PM -0700, H. Peter Anvin wrote:
> I understand the motivation, but I question basing it in a fixed amount of time.
We already have a threshold based on the amount of the entropy in the
input pool. I could increase that threshold, but then instead of
having the entropy hover between say, 192 and 128, it would hover
between say, 576 and 512. What that means in practice is that there
will be a higher baseline, but we will still end up reseeding every 10
seconds or so (that being approximately how much entropy I've seen
flowing into the input pool on my laptop system --- 64 bits every 10
seconds or so).
By basing it on a time-based threshold, it means that the input pool
can build up faster such that over time, such that entropy pool ends
up hovering around 3400 bits.
What is your concern is about having it being time-based --- or more
accurately, being partially time-based, since we also keep the entorpy
count based threshold? I'll note that the Fortuna Random Number
Generator, devised by Bruce Schneier and Niels Ferguson also uses as
part of its design a time-based reseed limit.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists