Theodore Tso wrote:
>On Fri, Aug 17, 2001 at 03:05:39PM -0700, David Schwartz wrote:
>> This is a non-issue providing the entropy pool code correctly
>> estimates the amount of entropy. The Linux entropy code is written
>> so that there is no harm from putting fully known or partially known
>> numbers into the pool provided that the pool does not overestimate
>> the amount of entropy in those numbers.
>
>The problem is that by being able to perfectly observe packets on the
>LAN, you know a lot more about the numbers that are going in, and it's
>therefore extremely likely that the entropy estimate will be
>overestimated.
Right. Therefore, it seems to me that the correct thing to do is to
add network timings into the pool using an entropy estimate of zero.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:31 EST