[148038] in cryptography@c2.net mail archive


Re: [Cryptography] randomness +- entropy

daemon@ATHENA.MIT.EDU (Hannes Frederic Sowa)
Tue Nov 5 22:18:24 2013

X-Original-To: cryptography@metzdowd.com
Date: Wed, 6 Nov 2013 00:38:32 +0100
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: Theodore Ts'o <tytso@mit.edu>
In-Reply-To: <20131105230949.GF14235@thunk.org>
Cc: John Kelsey <crypto.jmk@gmail.com>, Watson Ladd <watsonbladd@gmail.com>,
	Cryptography <cryptography@metzdowd.com>,
	RNG mlist <rng@lists.bitrot.info>, John Denker <jsd@av8n.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Tue, Nov 05, 2013 at 06:09:49PM -0500, Theodore Ts'o wrote:
> On Tue, Nov 05, 2013 at 05:31:12PM -0500, John Kelsey wrote:
> > 
> > Is there any way for a program to find out if /dev/urandom has been
> > seeded properly?
> 
> Currently, there isn't.  We could add it, but most programs aren't
> going to check for such a flag.  So one of the things which I've
> recently added: 
> 
>     http://git.kernel.org/cgit/linux/kernel/git/tytso/random.git/log/?h=dev

Regarding
<https://git.kernel.org/cgit/linux/kernel/git/tytso/random.git/commit/?h=dev&id=392a546dc8368d1745f9891ef3f8f7c380de8650>:

Why not always print a warning once if someone tried to extract
randomness before the pool was fully initialized? I would even consider
adding a WARN_ONCE there so that it is really visible to the user. Maybe
kerneloops.org or some other distro infrastructure could uncover which
devices have their nonblocking random pool initialized too late.

I would love to collect such stack traces and would check if we can
delay them as much as possible.

Greetings,

  Hannes

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
