[cryptography] Kernel space vs userspace RNG

dj at deadhat.com dj at deadhat.com
Sat May 7 17:35:24 EDT 2016

> Russell Leidich (at Friday, May 6, 2016, 10:16:12 PM):
>> Most of the entropy in a system is manifest in terms of the clock
>> skew between direct memory access (DMA) transfers from external
>> devices and the CPU core clocks, which unfortunately does not
>> traverse the kernel in any directly observable manner.
> someone please confirm this, because i'm not a linux expert, but i
> don't believe user space code can do dma without the kernel knowing
> about it.
> also, i assert that such clock drifts provide much less entropy than
> you make it look like.
The premise is generally wrong these days. Well designed entropy sources
on silicon generate between 200Mbits/s and 5Gbits/s per source. I think
most vendors are getting in on the act. We have been pretty open with our
ES designs and I've seen very smart ES papers. I particularly like
Samsung's ring of rings for a process agnostic circuit.

>> interrupt timing, unless we extend the definition of "interrupt" to
>> include quasiperiodic memory accesses from external clients.
> again, i'm no exert in low level kernel stuff, but to my knowledge,
> everything happens through interrupts, even dma uses it to report the
> end of an operation.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

More information about the cryptography mailing list