On Apr 2, 2014, at 10:34 AM, Theodore Ts'o <[email protected]> wrote:

> On Wed, Apr 02, 2014 at 10:02:24AM -0700, Paul Hoffman wrote:
>> 
>> Personally, I have a strong hesitation of a BCP using phrases like
>> "a few bits of entropy" if we can't measure them and if we don't
>> even know if they exist.
> 
> One of the problems is that there is a lot of nuance which is
> required.  For example, if you can't change the hardware, on a mobile
> device, one of the few sources of unpredictability might be the radio
> strength --- if you grab this in early boot and if you know that the
> values aren't being fed via centralized logging scheme.  It's not
> really _entropy_ per se, but if you are assuming that someone sitting
> in Fort Meade won't know whether your cell phone is in your knapsack
> under the steel desk, or on top of the desk, it probably does add a
> certain amount of protection.
> 
> Ditto grabbing touch screen information; sure, if someone has a camera
> surveilling you, it might not have much unpredictability, but it's
> still probably a good thing to mix into your entropy pool.

Fully agree. We should talk about possible sources, but we should be careful to 
say that we are not suggesting how many bits (or fractions of a bit) those 
sources produce. The implementer of the RNG is fully responsible for making the 
source-to-bit-count assumptions.

> And if we try to tell people that if you can't do anything at all
> which is True Entropy (tm), you might as well go home, then people
> might just do that.

That leads into the question of who the target audience for such a document 
should be. The committers for Linux and *BSD /dev/random don't need us to 
create a BCP for them; the writers of a new OS or distro might need it. An 
application writer should either (a) only be pulling from their OS or (b) be as 
smart about random sources as the OS dev so they can create their own pool. The 
eventual document needs to be very clear which person should be reading which 
part. The current document is completely unclear on this, and an application 
developer might think they need to understand things that we would be horrified 
if they tried to implement.

--Paul Hoffman
_______________________________________________
dsfjdssdfsd mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dsfjdssdfsd
