[cryptography] Quality of HAVEGE algorithm for entropy?

Stephan Mueller smueller at chronox.de
Wed Nov 27 15:39:12 EST 2013


Am Mittwoch, 27. November 2013, 12:00:50 schrieb coderman:

Hi coderman,

> On Wed, Nov 27, 2013 at 3:10 AM, Stephan Mueller <smueller at chronox.de> 
wrote:
> > ...
> > The way haveged is implemented, not really. The reason is that it uses
> > clock_gettime, which uses the Linux kernel clocksource framework. That
> > framework has drivers for a number of different timers on various
> > architectures.
> 
> do you know if the list of supported clock sources is documented 
somewhere?

Yes, it is documented. Check the contents of 
/sys/devices/system/clocksource/clocksource0/current_clocksource and 
/sys/devices/system/clocksource/clocksource0/available_clocksource.

Note, current_clocksource is also writable where you can switch the used 
clocksource.
> 
> > ... you cannot verify
> > entropy beyond simple pattern checks. Moreover, compression (i.e.
> > whitening) is not meaningful when mixing it into /dev/random as it has 
its
> > own whitening function.
> 
> simple checks (sanity checks) are useful.

I fully agree to have simple sanity checks. Though I would not call them 
checks for entropy.


Ciao
Stephan
-- 
| Cui bono? |


More information about the cryptography mailing list