Appropriate sources of entropy
Posted May 22, 2008 20:27 UTC (Thu) by aegl
Parent article: Appropriate sources of entropy
"But network interrupts are seen as a dubious source of entropy because they may be able to be observed, or manipulated, by an attacker"
Most modern systems can measure the interval between interrupts to a very high precision using a processor cycle counter ... and Linux does use this when it is available when adding randomness to the pool. It seems implausible that an attacker can reliably observe or manipulate network traffic to sub nano-second precision (unless (s)he has a logic analyser connected to the target system!).
If the only clock source is "jiffie" resolution, then I can see this is an issue.
to post comments)