where is my randomness?

Matthew Dillon dillon at apollo.backplane.com
Tue Jan 24 10:17:44 PST 2006


:
::> pair without randomness?
::<Snip/>
::
::Does this mean all DragonFly hosts have the same private/public key?
::
::Adrian
:
:    It looks like we do have an issue.  Keyboard randomness is still being
:    added, but it looks like the interrupt randomness is not... it has to
:    be turned on with the rndcontrol utility.  That means the only 
:    entropy is going to be the pool hash that occurs when random data is
:    read, which is extremely weak.
:
:    I am getting different patterns from /dev/urandom on boot, but the
:    results are definitely going to be extremely weak.
:
:    I will work on fixing this today.

   Addendum... it isn't quite as bad as I thought.  Every time a random
   block is read timer randomness is added back to the pool, but the
   amount of entropy is still going to result in fairly weak results.

   So the answer is no, people's keys will not be the same.  But they
   will not be as strong as they should be, either.

   I have an idea on how to address the issue.  The reason why interrupt
   randomness was not turned on by default was due to the loss in 
   performance due to lack of rate limiting on the calculations.  What I
   will do is add a kernel thread whose sole job is to maintain the entropy
   pool.  The thread will hash various live system parameters plus the 
   timestamp.  Any interrupt will be allowed to trigger the thread but the
   triggering will be rate-limited to something reasonable, like 10 per
   second.

   rndcontrol will be removed entirely.

   That should deal with the issue once and for all.

					-Matt
					Matthew Dillon 
					<dillon at xxxxxxxxxxxxx>
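
A user-space model of the rate-limited trigger proposed in the message above. It is an added example, not part of the original post and not DragonFly code. All names, the toy 64-bit pool and the FNV-1a mixing step are assumptions chosen for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical names throughout; 100 ms matches the "10 per second" in the post. */
#define HARVEST_INTERVAL_NS 100000000ULL

struct entropy_pool {
    uint64_t state;         /* toy 64-bit pool; a real pool is larger */
    uint64_t last_harvest;  /* time of the last accepted trigger */
    int primed;             /* 0 until the first harvest */
    unsigned harvests;      /* accepted triggers */
};

/* FNV-1a style mixing as a stand-in. NOT cryptographic; a kernel would use a real hash. */
static void pool_mix(struct entropy_pool *p, const void *buf, size_t len) {
    const unsigned char *b = buf;
    for (size_t i = 0; i < len; i++) {
        p->state ^= b[i];
        p->state *= 0x100000001b3ULL;
    }
}

/* Called for any interrupt: returns 1 if a harvest ran, 0 if rate-limited.
 * In the design described, an accepted trigger would wake the kernel thread;
 * this model runs the harvest inline. */
int entropy_trigger(struct entropy_pool *p, uint64_t now_ns, uint64_t sysparam) {
    if (p->primed && now_ns - p->last_harvest < HARVEST_INTERVAL_NS)
        return 0;                             /* too soon: no hashing cost paid */
    p->primed = 1;
    p->last_harvest = now_ns;
    pool_mix(p, &now_ns, sizeof now_ns);      /* timestamp */
    pool_mix(p, &sysparam, sizeof sysparam);  /* live system parameter */
    p->harvests++;
    return 1;
}

/* Constructed interrupt stream: one IRQ every irq_period_ns for duration_ns. */
unsigned simulate(uint64_t irq_period_ns, uint64_t duration_ns) {
    struct entropy_pool p = { 0xcbf29ce484222325ULL, 0, 0, 0 };
    for (uint64_t t = 0; t < duration_ns; t += irq_period_ns)
        entropy_trigger(&p, t, t ^ 0x5a5aULL);  /* constructed sample value */
    return p.harvests;
}

int main(void) {
    printf("1 kHz IRQs for 1 s -> %u harvests\n", simulate(1000000ULL, 1000000000ULL));
    return 0;
}
```

The cap bounds the hashing cost no matter how fast interrupts arrive, and it equally bounds how many samples reach the pool in a given time.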




