Re: monitoring entropy

H. Peter Anvin (hpa@transmeta.com)
14 Oct 1997 07:34:52 GMT


Followup to: <19971013182050.28960@test.legislate.com>
By author: Raul Miller <rdm@test.legislate.com>
In newsgroup: linux.dev.kernel
>
> I recently ran into a situation where I'd like to monitor how
> much entropy is available in /dev/random. As I understand it,
> this shouldn't be a problem -- essentially, it's just telling
> me when a read will block. [I'm thinking of leaving a little
> thermometer up in a window and futzing with keyboard or mouse
> when it gets low].
>
> If there's some risk to this, could someone in the know (e.g.
> Ted) tell me?
>

Allowing user processes to do this probably would be a security hole,
as you could tell when /dev/urandom was "faking" it, and hence
processes using it were being less secure.

>
> For my purposes, a /proc/entropy file that did something like
> sprintf(buffer, "%d\n", random_state.entropy_count);
> would be perfect.
>
> Comments? Jeers?
>

A root-only ioctl() on /dev/(u)random is probably the right way to do
this.

-hpa
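
[Added example, not part of the original post and not code from either poster: a C sketch of the "thermometer" Raul describes, reading the kernel's entropy estimate through an ioctl() on the device as the reply suggests. It uses the RNDGETENTCNT request that Linux declares in <linux/random.h>. The function names and the POOL_BITS full-scale value are assumptions.]

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/random.h>   /* RNDGETENTCNT */

#define POOL_BITS 4096      /* assumption: full-scale value for the bar */

/* Return the kernel's entropy estimate in bits, or -1 on any failure. */
int entropy_bits(const char *dev)
{
    int bits = -1;
    int fd = open(dev, O_RDONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    if (ioctl(fd, RNDGETENTCNT, &bits) < 0)
        bits = -1;          /* not a random device, or request refused */
    close(fd);
    return bits;
}

/* Write "[####....]" into out; return filled cells, or -1 if out is too small. */
int render_bar(int bits, int pool, int width, char *out, size_t outlen)
{
    if (width <= 0 || pool <= 0 || outlen < (size_t)width + 3)
        return -1;
    if (bits < 0) bits = 0;            /* clamp so the bar never overruns */
    if (bits > pool) bits = pool;
    int filled = (int)((long)bits * width / pool);
    out[0] = '[';
    memset(out + 1, '#', (size_t)filled);
    memset(out + 1 + filled, '.', (size_t)(width - filled));
    out[width + 1] = ']';
    out[width + 2] = '\0';
    return filled;
}

int main(void)
{
    char bar[64];
    for (;;) {                          /* redraw once a second until killed */
        int bits = entropy_bits("/dev/random");
        if (bits < 0) { fprintf(stderr, "cannot read entropy count\n"); return 1; }
        render_bar(bits, POOL_BITS, 40, bar, sizeof bar);
        printf("\r%s %4d bits", bar, bits);
        fflush(stdout);
        sleep(1);
    }
}
```
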

-- 
    PGP: 2047/2A960705 BA 03 D3 2C 14 A8 A8 BD  1E DF FE 69 EE 35 BD 74
    See http://www.zytor.com/~hpa/ for web page and full PGP public key
        I am Bahá'í -- ask me about it or see http://www.bahai.org/
   "To love another person is to see the face of God." -- Les Misérables