On Wed, Oct 09, 2013 at 08:07:35AM -0700, H. Peter Anvin wrote: > There needs to be an architecturally guaranteed lower bound on the > entropic content for this to be at all useful. However, the hwrandom > interface is currently expecting fully entropic output (which is almost > certainly bogus... consider the PowerPC random number generator[1]) and > so using it for a PRNG output is directly wrong. You can specify as a command-line argument (-H) to rngd the entropy per bit of input data. So if you think an entropy source isn't great, but has some uncertainty, you could do pass to rngd "-H 0.5" or maybe even "-H 0.1". Maybe it would be nice to have /dev/hwrandom export the quality of its output, but the reality is that most hardware devices don't document or export via some programmatic interface how well or how poorly their hwrng really might be. And even if they did, most people, who don't have access to scanning electronic microscopes and nanometer probes, and the ability to decrypt, reverse engineer, and decompile firmware, couldn't know for sure whether or not to believe the claims of the hardware or the hardware manufacturer anyway. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
