New entropy source proposal.
markm at FreeBSD.ORG
Mon Mar 7 20:05:13 GMT 2005
Garrett Wollman writes:
> The usual noise source is thermal noise in the machine itself. The
> process that I've heard described involves:
> 0) Disconnecting any input sources.
> 1) Turning the input gain all the way up.
> 2) Taking only the least-significant bit of each sample.
The random_harvest(9) call would do this by reading (say) 16 bits out
of the DSP, and handing it over as harvested entropy while claiming it
had 1 bit of useful randomness. Any other gratuitous randomness in the
sample would provide "free" perturbation of the entropy pool.
> In order to use this in FreeBSD, we would probably want a compile
> option in the sound drivers to disable their use for other purposes
> (e.g., generating sound).
I can think of a way to do this with sysctls.
iumop ap!sdn w,I idlaH
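
An added example, not part of the original mail and not FreeBSD code: a userland C sketch of the crediting rule discussed above, where each 16-bit sample is handed over whole but only 1 bit is claimed for it. The helper names, the n/4 tolerances and the sample data are assumptions made for illustration; the sketch refuses any credit when the least-significant-bit stream looks stuck, biased or periodic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct lsb_stats {
    size_t ones;         /* samples whose LSB is 1 */
    size_t transitions;  /* adjacent samples whose LSBs differ */
    size_t claim_bits;   /* entropy to claim for the whole batch */
};

/*
 * Hypothetical helper, not a FreeBSD interface. Applies the "1 bit per
 * 16-bit sample" rule, but claims nothing when the LSB stream looks stuck,
 * biased, or periodic. Tolerances (n/4) are assumptions, chosen for clarity.
 */
static struct lsb_stats lsb_credit(const uint16_t *s, size_t n)
{
    struct lsb_stats st = {0, 0, 0};
    long bias, trans_dev, tol = (long)(n / 4);

    if (n < 2)
        return st;
    for (size_t i = 0; i < n; i++) {
        st.ones += s[i] & 1u;
        if (i > 0 && ((s[i] ^ s[i - 1]) & 1u))
            st.transitions++;
    }
    /* Both counts should sit near half of their maximum for a fair bit. */
    bias = 2 * (long)st.ones - (long)n;
    trans_dev = 2 * (long)st.transitions - (long)(n - 1);
    if (bias < 0) bias = -bias;
    if (trans_dev < 0) trans_dev = -trans_dev;
    if (bias <= tol && trans_dev <= tol)
        st.claim_bits = n;   /* 1 bit per sample; whole samples still get mixed in */
    return st;
}

/* Constructed input: upper 15 bits from `hi`, LSBs taken from `pattern`. */
static void fill(uint16_t *s, size_t n, uint16_t hi, uint32_t pattern)
{
    for (size_t i = 0; i < n; i++)
        s[i] = (uint16_t)((hi & 0xFFFEu) | ((pattern >> (i % 32)) & 1u));
}

int main(void)
{
    uint16_t s[32];
    fill(s, 32, 0x7F3A, 0x4E5368B9u);   /* constructed, not captured data */
    printf("claim %zu bits\n", lsb_credit(s, 32).claim_bits);
    return 0;
}
```

A stuck input (all LSBs equal) or a strictly alternating one yields a claim of 0 even though the upper bits of each sample may still vary.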