Re: [PATCH 7/14] random: Remove SA_SAMPLE_RANDOM from network drivers

[Ph. Marek]

On Monday 08 May 2006 19:21, Pavel Machek wrote:
> Hi!
>
> > > What do other platforms without a TSC do?
> >
> > Using get_cycles() for /dev/random is new as of 2.6. Before that, we
> > were directly calling rdtsc on x86 alone. 10msec resolution is fine
> > for plenty of sources.
>
> For what devices are timestamps still 'random/unobservable' in 10msec
> range?
>
> Maybe keyboard... but no, keyboard has autorepeat and can be observed
> remotely with 10msec accuracy in many cases. (telnet to bbs?)
>
> Disk requests take less than 10msec.
>
> It is trivial to measure packets with 10msec accuracy.
>
> Mouse will generate many events within 10msec when user actually uses
> it.
>
> ...so, what devices are still random with 10msec sampling?
There may be no devices with randomness in 10msec ...

... but how about the *count* of events during 10msec?

Keyboard presses may be observable from outside, but disk accesses, network 
interrupts, mouse moves etc. .... especially if the (outside) accesses have 
to be correlated to the (internal) timer interrupt.

Get the count of events in 10msec, take the lowest bit. In 1.28 seconds you'll 
get your 128bit key.

Or, to be conservative, take only the XOR of 8 consecutive bits ... then 
you'll have to wait 10 seconds, but will be a bit more secure.

Such a mechanism could even be used on machines with TSC ... just do an 
(non-locked) increment of some counter, reset it on every jiffie, and take a 
bit of entropy.


How about that?



Regards,

Phil
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/