[147730] in cryptography@c2.net mail archive
Re: [Cryptography] /dev/random has issues
daemon@ATHENA.MIT.EDU (Stephan Mueller)
Fri Oct 18 12:39:32 2013
X-Original-To: cryptography@metzdowd.com
From: Stephan Mueller <smueller@chronox.de>
To: Theodore Ts'o <tytso@mit.edu>
Date: Fri, 18 Oct 2013 15:09:08 +0200
Cc: Cryptography <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Hi Ted,
> On Thu, Oct 17, 2013 at 09:12:48AM -0700, John Denker wrote:
> > Here is an experiment you can do, if you have a Linux system:
> > cat /proc/sys/kernel/random/entropy_avail
> >
> > I predict that it is likely to be a smallish number, less than 192
> > bits, not enough to cut a PGP key. This seems to conflict with
> > the stated purpose of having /dev/random, and with the purpose
> > of having buffers within the device.
>
> This is a known problem, and I have a patch pending for the next merge
> window to address this.
>
> http://git.kernel.org/cgit/linux/kernel/git/tytso/random.git/commit/?h=dev&id=f5c2742c23886e707f062881c5f206c1fc704782
There is one more strain on the entropy: ASLR. I provided a patch once
(http://lkml.org/lkml/2012/12/11/167) that would have covered some
aspects, but that was shot down with a link to a different patch -- see
that thread.
Unfortunately, there is no fix for this issue as of now. Andrew
mentioned an easy patch, which I think is not appropriate -- but Ted and
Andrew think it is good.
Ted, maybe it may be helpful to push either Andrew's or my patch
again, because that issue is a real strain.
Ciao
Stephan
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography