User: Password:
|
|
Subscribe / Log in / New account

MAC address as random input?

MAC address as random input?

Posted Jul 26, 2012 8:01 UTC (Thu) by nix (subscriber, #2304)
In reply to: MAC address as random input? by pjm
Parent article: Random numbers for embedded devices

Quite. This is one reason why the BSDs et al don't bother with an entropy estimate: as long as there's *some* entropy, you're fine, and if it's wrong, you're very much not fine.

(I like the entropy estimator for a much more selfish reason: collecting randomness from some sources can be quite expensive, and we can use the entropy estimator as a high-water-mark to indicate that there's no point whatsoever providing more randomness because nobody's read much since we last shoved a bunch in. We could do much the same thing with a simple counter of "bytes read from /dev/*random by other users since last entropy fed in by a /dev/random writer", but that leaks information about those other users and might be considered ugly. The BSDs don't have a counter like this, and it makes the ekeyd ridiculously costly on those platforms because it has to pull entropy from the key and remix it for /dev/random all the time, even if the system is otherwise totally idle.)


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds