On 12/22/2010 09:29 AM, Kurt Knochner wrote:
Do you have a hint, how I could emit the random values from arc4random
in a "clever" way? I thought of using an internal buffer and accessing
that through sysctl or another device, e.g. /dev/randstream.
You should definitely check out this page if you hadn't already:
http://www.phy.duke.edu/~rgb/General/dieharder.php
The dieharder test suite already comes with input modules for reading
from system devices and lots of other sources.
The later
looks more complicated, but will certainly teach me more about openbsd
internals.
Well if that's your goal, I think you probably need to patch the kernel
to DMA the stuff into video RAM and offload the processing of it there.
:-) Or something else, be creative. Try to write a backdoor
In any case, generic statistical tests might detect really horrible
brokenness but they're are not the thing to certify CSRNGs with. Somehow
people managed to run them on RC4 for years before anyone noticed that
the second byte of output was zero twice as often as it should be.
What could be really useful would be better models of the effective
entropy contributed by kernel event classes going into the pool.
- Marsh
