Collecting entropy from device_attach() times.

Pawel Jakub Dawidek pjd at FreeBSD.org
Sat Sep 22 19:53:12 UTC 2012 

On Sat, Sep 22, 2012 at 10:03:23AM +0200, Pawel Jakub Dawidek wrote:
> If discarding top ten bit in case of such dummy driver is enough, we
> could probably discard less from drivers that interact with real
> hardware, but even with 43 device_attach() calls during boot on similar
> hardware and assuming that we can get only 6 bits of entropy from each
> call, it gives us more than 256 bits of entropy. In other words I don't
> think we should further complicate this and that we should stick to
> entropy estimations from my current patch.

I made additional calculations to see where is the line we shall not
cross. I checked how distribution would look like for 6, 7, 8, 9, 10, 11
and 12 bit values (so we discard from top 10 to top 4 bits):

	http://people.freebsd.org/~pjd/misc/device_attach_6bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_7bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_8bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_9bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_10bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_11bit.jpg
	http://people.freebsd.org/~pjd/misc/device_attach_12bit.jpg

And source in libreoffice:

	http://people.freebsd.org/~pjd/misc/device_attach_6-12_bits.ods

It looks like we can safely discard even only 7 bits (leaving 9 bits of
entropy). With 10bit value the maximum difference between theoretical
and empirical distribution goes to 6.34% which I don't think is
acceptable. On the other hand the differences for 6, 7, 8 and 9 are
very small:

	6bit:	0.33%
	7bit:	0.29%
	8bit:	0.27%
	9bit:	0.21%

For completness all the rest:

	10bit:	 6.34%
	11bit:	19.07%
	12bit:	54.80%

Mariusz, can you confirm my findings?

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://tupytaj.pl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20120922/fcba613a/attachment.pgp

More information about the freebsd-security mailing list