where is my randomness?
joerg at britannica.bec.de
joerg at britannica.bec.de
Tue Jan 24 10:51:48 PST 2006
On Tue, Jan 24, 2006 at 10:17:25AM -0800, Matthew Dillon wrote:
> I have an idea on how to address the issue. The reason why interrupt
> randomness was not turned on by default was due to the loss in
> performance due to lack of rate limiting on the calculations.
That's not the only reason. A network interrupt for example can be
triggered remotely, resulting in a certain amount of known input,
thereby reducing the entropy of the data.
I don't think the current situation for urandom is that bad, but it
means that e.g. ssh keys are generated very slowly. The pool does
measure how much estimated entropy is left after all.
Joerg
More information about the Users
mailing list