lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140204192325.GA11831@thunk.org>
Date:	Tue, 4 Feb 2014 19:23:25 +0000
From:	tytso@....edu
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Stephan Mueller <smueller@...onox.de>,
	Jörn Engel <joern@...fs.org>,
	Linux Kernel Developers List <linux-kernel@...r.kernel.org>,
	macro@...ux-mips.org, ralf@...ux-mips.org, dave.taht@...il.com,
	blogic@...nwrt.org, andrewmcgr@...il.com, geert@...ux-m68k.org,
	tg@...bsd.de, sandyinchina@...il.com
Subject: Re: [RFC PATCH 0/5] CPU Jitter RNG

On Tue, Feb 04, 2014 at 11:06:04AM -0800, H. Peter Anvin wrote:
> 
> The quantum noise sources there are in a system are generally two
> independent clocks running against each other.  However, independent
> clocks are rare; instead, most clocks are in fact slaved against each
> other using PLLs and similar structures.

One of the things that would be useful for us to understand is in
general, where in a system we have independent clocks.  For example, I
think (correct me if I'm wrong), a 2.5" or 3.5" HDD has its own clock
which is separate from the CPU/chipset.  That is actually how and
where we get any entropy; I am not at all convinced that we are
getting any variation from "chaotic air turbulence in the HDD" ---
that paper was published in 1994, and hard drive technologies have
changed quite a bit since then, with extra layers of caching, track
bufers, etc.

However, where a decade ago the ethernet card probably had its own
independent clock crystal/oscillator, I'm going to guess that these
days with SOC's and even on laptops, with ethernet device part of the
chipset, it is probably being driven off the same master oscillator.

I wonder if there's anyway we can either figure out manually, or
preferably, automatically at boot time, which devices actually have
independent clock oscillators.

							- Ted

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ