Re: [PATCH] Re: [PATCH] drivers/net: remove network drivers' last few uses of IRQF_SAMPLE_RANDOM

[Joe Korty]

On Sun, May 18, 2008 at 07:26:57AM -0400, Theodore Tso wrote:
> On Sun, May 18, 2008 at 12:13:35PM +0200, Andi Kleen wrote:
> > We don't use it for most long term keys, e.g. ssh host keys. That is
> > because even on high entropy systems /dev/random usually doesn't work
> > during distribution installation because the system has not run long
> > enough to collect significant entropy yet.
>  ...
> Hence, if you don't think the system hasn't run long enough to collect
> significant entropy, you need to distinguish between "has run long
> enough to collect entropy which is causes the entropy credits using a
> somewhat estimation system where we try to be conservative such that
> /dev/random will let you extract the number of bits you need", and
> "has run long enough to collect entropy which is unpredictable by an
> outside attacker such that host keys generated by /dev/urandom really
> are secure".
> ...
> If distributions really cared, they could very well introduce keyboard
> banging as part of the install process; but no, being able to do an
> unmanned, "turnkey" install is considered more important.  That says
> something about how much they care about security right there.

If the World really cared about security, every cpu chip
would supply a true source of random bits based on the
sampling some easily accessable quantum on-chip state,
such as the tiny fluctuations in current flow across
a resistance.  I suspect supplying this would be about
as expensive as supplying a true TSC driven directly by
the external clock -- that is, so close to zero as to
not matter.

Joe
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/