On Tue, 6 Apr 2021, Taylor R Campbell wrote:
Why do you say that? We do incorporate many sources that are not well-studied -- every keystroke, for example, and the CPU cycle counter at the time of the keystroke, affects the output of /dev/urandom.
Is the output of /dev/random also influenced like this?
What do you mean by `things like timing jitter have been pooh-poohed in the literature'? Timing jitter in ring oscillators arising from thermal noise in the silicon is the main source of entropy in most on-die hardware RNGs on the market that I'm aware of. This design is reasonably well-studied in the literature.
I should've been more precise :(. Back in the beginning of the year when a related discussion re: initial seeding on devices w/o usable audio devices got stuck, I said that when all else fails the user can be asked to mash on the keyboard and jiggle the mouse. To which nia@ responded that those old-fashioned methods weren't considered good enough nowadays, and linked to a paper which discussed this. I had in mind that (and similar stuff) when I wrote what I did--not well-studied physical processes like jitter derived from comparing a pair of free-running oscillators. -RVP