Helge Hafting wrote:
> So we can't trust the generator, so we can't
> get a trustable estimate for its randomness. But we assume
> there is some randomness to be had.
>
> The cure is simple - mix in data from that RNG, but assume
> no entropy from it. This won't throw off the
> entropy estimate, but we'll get whatever entropy the device
> is capable of.
>
> Someone may analyze the thing and get a better (but
> conservative) entropy estimate later, and get beter performance.
Thanks. The i810_rng driver in my personal CVS now has a setting
RNG_CONSERVATIVE_ENTROPY, which does just this.
When I convert this from a define to a sysctl, and add in the FIPS
testing, I'll roll another version at
http://gtf.org/garzik/drivers/i810_rng/
Jeff
-- Jeff Garzik | Andre the Giant has a posse. Building 1024 | MandrakeSoft, Inc. |- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:15 EST