Re: /dev/random

[Joel Rees <joel.rees@gmail.com>]

On Fri, Aug 1, 2014 at 4:00 PM, David Guyot
<david.guyot@europecamions-interactive.com> wrote:
> Le jeudi 31 juillet 2014 à 16:41:01 -0700, pecondon@mesanetworks.net a écrit:
>> not generated by the functioning of the computer, but from something
>> like the keystroke times of a human asking for help on this list. It
>> differs from /dev/urandom in that /dev/random blocks and does not give
>> any bits if there have not been enough keystrokes since the last call
>> to replenish the supply of entropy in its entropy store. In contrast,
> As far as I know, keystrokes aren't the only monitored data used to fill
> the entropy pool; HDD and network I/Os timestamps are also use, as they
> can be considered as chaotic. Maybe the kernel doc can help you to know
> all of entropy sources. I know this isn't really the question, but I
> think you must know that keystrokes aren't the only entropy sources.

Yes, but, ...

Most I/O devices are dependent on certain kinds of timing to function.
For instance, if you try to use the timing between cache fills on your
hard disk, and the system for some reason reads a large block of data
on a non-fragmented file, things that were pretty random suddenly are
not.

And there is a difference between random and arbitrary. If we could
access the bit jitter on the shift register behind the read heads, we
would discover quite of bit of regularity in the apparently random
rises and falls. Likewise, bearings are not perfectly smooth, and
lubricant not perfectly distributed, but the variations are going to
repeat themselves with some regularity.

Ethernet chatter seems unpredictable, but packets tend to flow in cyclic bursts.

Pretty much everything in our world has hidden cyclic behavior.
Keyboard hits tend to be much more random, but, even there, a good
typist gets a rhythm going as well.

-- 
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart.