Re: [Tails-dev] Support EntropyKey?

Delete this message

Reply to this message
Author: Maxim Kammerer
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Support EntropyKey?
On Mon, Nov 26, 2012 at 5:40 PM, Jacob Appelbaum <jacob@???> wrote:
> On a recently installed laptop, I found that it had essentially zero sources
> of entropy beyond the keyboard, the clock and the hostname.


You forgot the CPU. Haveged makes all other approaches to gathering
entropy pretty much irrelevant — for instance, try exhausting
/proc/sys/kernel/random/entropy_avail on a system with running
haveged. It is used in Tails since Apr 2010, and in Liberté since Apr
2011 (I think I added haveged after reading the PELD spec). HAVEGE is
one of those really underappreciated academic projects.

“HAVEGE can reach an unprecedented throughput for a software
unpredictable random number generator: several hundreds of megabits
per second on current workstations and PCs.”
http://www.irisa.fr/caps/projects/hipsor/
http://www.irisa.fr/caps/projects/hipsor/misc.php
http://www.irisa.fr/caps/projects/hipsor/publi.php

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte