-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aloha!

coderman wrote:
> On Tue, Nov 26, 2013 at 10:09 AM, Joachim Strömbergson
> <joac...@strombergson.com> wrote:
>> ... I have concerns though on embedded SSL stacks that use Havege
>> as entropy source on MCUs such as AVR32 and ARM. ... On an
>> x86-based server you can use Havege, but use it to feed
>> /dev/random, not as a RNG directly. The same goes for Jytter.
>
>
> good points!
>
> haveged should work fine on StrongArm, A8, A9, Xscale, anything with
> a high res timer like ARM Cycle Counter (in place of TSC).
>
> older ARM processors and x86 without high res TSC (pre-pentium?)
> will have trouble.

Note that Havege is based on the assumption that instruction execution
time varies and can be forced to vary as much as possible. On
single-issue RISC architectures with no or simple (such as SW-controlled)
cache memories you basically will have to hit main store in order to get
a lot of variance. Then you also need a cycle timer or other high-res
timer to be able to measure the variance.

Another thing to note is that RDTSC is one of the instructions that
VM systems can (and will) simulate. This means that the source for
Havege entropy will be synthetic and arbitrary relative to physical
events.

- -- 
Kind regards, Yours
Joachim Strömbergson - Always in harmonic oscillation.
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlKXBlIACgkQZoPr8HT30QEqcwCfS1Ux5rhm5QBHbnqr2gThKoTy
x7AAoIw4AKhWBNLUMJSEDlD0KHsLjxC+
=Vm3Q
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
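The two points made above (Havege needs execution-time variance it can force, and it needs a timer fine enough to see that variance) can be checked on a given machine with a small harness. The following is an added example, not code from the thread or from haveged itself: it times a cache-hostile memory walk with a high-resolution timer, estimates how much min-entropy the low bits of the timing deltas carry, and then repeats the measurement with the timer artificially quantized to a coarse tick to show what a platform or VM without a fine-grained cycle counter would deliver. `clock_gettime(CLOCK_MONOTONIC)` stands in for RDTSC or the ARM cycle counter; the buffer size, stride, sample count and tick values are illustrative choices, and the entropy estimate is a crude i.i.d. bucket estimate meant as a sanity check, not a certification.

```c
/* Added example (not part of the mailing-list thread or of haveged):
 * measure timing jitter of a memory walk the way a HAVEGE-style collector
 * does, then estimate the min-entropy in the low bits of the deltas.
 * Assumption: clock_gettime(CLOCK_MONOTONIC) stands in for RDTSC / the ARM
 * cycle counter. All sizes and tick values below are illustrative. */
#define _POSIX_C_SOURCE 199309L
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#define NSAMPLES   4096
#define WALK_BYTES (1u << 22)   /* 4 MiB: larger than a typical L1/L2, forces misses */

static uint64_t now_ns(void) {
    struct timespec ts;
    clock_gettime(CLOCK_MONOTONIC, &ts);
    return (uint64_t)ts.tv_sec * 1000000000ull + (uint64_t)ts.tv_nsec;
}

/* Simulate a coarse timer: round a timestamp down to a multiple of tick_ns.
 * tick_ns == 0 means "use the timer as-is". */
uint64_t quantize(uint64_t t, uint64_t tick_ns) {
    return tick_ns ? t - (t % tick_ns) : t;
}

/* Crude min-entropy estimate, in whole bits per sample, of (v[i] & mask):
 * floor(log2(n / max_bucket_count)). Assumes i.i.d. samples, so it is only
 * a sanity check; a dominant value drives the estimate to 0. Uses integer
 * arithmetic so no libm is needed. Returns -1 on bad input. */
int min_entropy_floor_bits(const uint64_t *v, size_t n, uint64_t mask) {
    size_t nbuckets = (size_t)mask + 1;
    size_t *count = calloc(nbuckets, sizeof *count);
    if (!count || n == 0) { free(count); return -1; }
    size_t maxc = 0;
    for (size_t i = 0; i < n; i++) {
        size_t c = ++count[v[i] & mask];
        if (c > maxc) maxc = c;
    }
    free(count);
    size_t ratio = n / maxc;          /* >= 1 */
    int bits = 0;
    while (ratio > 1) { ratio >>= 1; bits++; }
    return bits;
}

/* Collect n timing deltas of a cache-hostile, data-dependent memory walk.
 * tick_ns > 0 quantizes each raw timestamp first. Returns deltas stored. */
size_t collect_jitter(uint64_t *deltas, size_t n, uint64_t tick_ns) {
    unsigned char *buf = malloc(WALK_BYTES);
    if (!buf) return 0;
    memset(buf, 1, WALK_BYTES);
    volatile unsigned sink = 0;       /* keeps the loads from being optimized away */
    size_t stride = 4099;             /* odd stride: walks many lines and pages */
    size_t pos = 0;
    for (size_t i = 0; i < n; i++) {
        uint64_t t0 = quantize(now_ns(), tick_ns);
        for (int k = 0; k < 64; k++) {   /* chain of dependent loads */
            pos = (pos + stride + buf[pos]) % WALK_BYTES;
            sink += buf[pos];
        }
        uint64_t t1 = quantize(now_ns(), tick_ns);
        deltas[i] = t1 - t0;
    }
    (void)sink;
    free(buf);
    return n;
}

int main(void) {
    static uint64_t d[NSAMPLES];
    const uint64_t ticks[] = { 0, 1000, 1000000 };   /* raw, 1 us, 1 ms */
    for (size_t t = 0; t < sizeof ticks / sizeof ticks[0]; t++) {
        size_t n = collect_jitter(d, NSAMPLES, ticks[t]);
        printf("timer tick %llu ns: ~%d bits min-entropy in low 4 bits of %zu deltas\n",
               (unsigned long long)ticks[t], min_entropy_floor_bits(d, n, 0xF), n);
    }
    return 0;
}
```

On a bare-metal machine with a nanosecond-resolution clock the first line typically reports a few bits; with the timer quantized to 1 ms nearly every delta rounds to 0 and the estimate collapses, which is the "will have trouble" case for platforms without a high-resolution counter. A virtualized or paravirtualized timer sits somewhere in between, and the same harness can be run inside the VM to see what is actually left.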