[Freedombox-discuss] timer entropy

Frank frank at debian-nas.org
Tue Oct 4 15:40:17 UTC 2011


Hi,

> -----Original Message-----
> From: Sandy Harris [sandyinchina at gmail.com]
> Sent: Tuesday, October 04, 2011 17:18
> To: Frank
> Subject: Re: [Freedombox-discuss] timer entropy
> 
> On Tue, Oct 4, 2011 at 8:36 PM, Frank <frank at debian-nas.org> wrote:
> 
> > great to see efforts to create additional sources for entropy. I took the
> > liberty of reading the accompanying PDF paper in the FTP repository for
> > maxwell. In the paper the claim is made that HAVEGED is only
> > 'pseudo-random'.
> 
> I did not intend to make that claim, more that Havege is /partly/
> pseudo-random.
<cut>

I wonder how HAVEGED's pseudo-random nature is different from Maxwell. I interpret a pseudo-random number generator as one that uses a deterministic process for generating the entropy. In HAVEGED's case, you need to know the internal state of the CPU, system bus and memory as well as the content of many tables to be able to reproduce its output, which is computationally infeasible (as they claim). HAVEGED uses NMININT to produce consistently random output (see explanation on http://www.irisa.fr/caps/projects/hipsor/misc.php).

I'm just wondering if HAVEGED is really less suitable than Maxwell for seeding /dev/random which you claim in your paper. Is the output of the algorithm you use, dependent on the system timer, really less reproducible than HAVEGED? I'd like to see evidence for that...

Note that I do not wish to discourage research on methods for obtaining entropy, merely to critically look at your claim about HAVEGED in relation to maxwell.

Regards,
Frank



