LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

MAC address as random input?

MAC address as random input?

Posted Jul 26, 2012 8:01 UTC (Thu) by nix (subscriber, #2304)
In reply to: MAC address as random input? by pjm
Parent article: Random numbers for embedded devices

Quite. This is one reason why the BSDs et al don't bother with an entropy estimate: as long as there's *some* entropy, you're fine, and if it's wrong, you're very much not fine.

(I like the entropy estimator for a much more selfish reason: collecting randomness from some sources can be quite expensive, and we can use the entropy estimator as a high-water-mark to indicate that there's no point whatsoever providing more randomness because nobody's read much since we last shoved a bunch in. We could do much the same thing with a simple counter of "bytes read from /dev/*random by other users since last entropy fed in by a /dev/random writer", but that leaks information about those other users and might be considered ugly. The BSDs don't have a counter like this, and it makes the ekeyd ridiculously costly on those platforms because it has to pull entropy from the key and remix it for /dev/random all the time, even if the system is otherwise totally idle.)

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds