On Tue, 2016-06-21 at 09:05 -0400, Austin S. Hemmelgarn wrote:
> On 2016-06-20 14:32, Stephan Mueller wrote:
> >
> > [1] http://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.pdf
> Specific things I notice about this:
> 1. QEMU systems are reporting higher values than almost anything else
> with the same ISA. This makes sense, but you don't appear to have
> accounted for the fact that you can't trust almost any of the entropy in
> a VM unless you have absolute trust in the host system, because the host
> system can do whatever the hell it wants to you, including manipulating
> timings directly (with a little patience and some time spent working on
> it, you could probably get those numbers to show whatever you want just
> by manipulating scheduling parameters on the host OS for the VM
> software).

You have to trust the host for anything, not just for the entropy in
timings. This is a completely invalid argument unless you can present a
method that one guest can manipulate timings in another guest in such a
way that _removes_ the inherent entropy from the host.

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
(You'll never know whether the road is wrong though.)