On Monday 08 May 2006 19:21, Pavel Machek wrote:
> Hi!
>
> > > What do other platforms without a TSC do?
> >
> > Using get_cycles() for /dev/random is new as of 2.6. Before that, we
> > were directly calling rdtsc on x86 alone. 10msec resolution is fine
> > for plenty of sources.
>
> For what devices are timestamps still 'random/unobservable' in 10msec
> range?
>
> Maybe keyboard... but no, keyboard has autorepeat and can be observed
> remotely with 10msec accuracy in many cases. (telnet to bbs?)
>
> Disk requests take less than 10msec.
>
> It is trivial to measure packets with 10msec accuracy.
>
> Mouse will generate many events within 10msec when user actually uses
> it.
>
> ...so, what devices are still random with 10msec sampling?
There may be no devices with randomness in 10msec ...
... but how about the *count* of events during 10msec?
Keyboard presses may be observable from outside, but disk accesses, network
interrupts, mouse moves etc. .... especially if the (outside) accesses have
to be correlated to the (internal) timer interrupt.
Get the count of events in 10msec, take the lowest bit. In 1.28 seconds you'll
get your 128bit key.
Or, to be conservative, take only the XOR of 8 consecutive bits ... then
you'll have to wait 10 seconds, but will be a bit more secure.
Such a mechanism could even be used on machines with TSC ... just do an
(non-locked) increment of some counter, reset it on every jiffie, and take a
bit of entropy.
How about that?
Regards,
Phil
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
