<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">When
polling for entropy, the PRNG will start with the first entropy source added and
then go through the list. The last entropy source, Unix_EntropySource, will
include the list of commands as mentioned earlier in this email thread. The “ls
-alni /tmp” has priority 4 out of 5. This makes it one of the last commands in the last entropy
source.<br><span class=""><font color="#888888"><p></p></font></span></div></div></div></blockquote></div></div><div class="gmail_extra">Each byte gathered by the Unix_EntropySource is counted as 0.005 bits toward the 128 bit polling goal. We can count the number of bytes returned from each command in priority 1 to priority 3. My system did not have all commands, but this was the number of bytes I polled using the commands.</div>
<div class="gmail_extra"><br></div><div class="gmail_extra"><div class="gmail_extra">netstat -in | wc -c</div><div class="gmail_extra">269</div><div class="gmail_extra">vmstat -s | wc -c</div><div class="gmail_extra">764</div>
<div class="gmail_extra">vmstat | wc -c</div><div class="gmail_extra">234</div><div class="gmail_extra">arp -a -n | wc -c</div><div class="gmail_extra">112</div><div class="gmail_extra">ifconfig -a | wc -c</div><div class="gmail_extra">
922</div><div class="gmail_extra">ipcs -a | wc -c</div><div class="gmail_extra">1591</div><div class="gmail_extra">netstat -an | wc -c</div><div class="gmail_extra">39167</div><div class="gmail_extra">netstat -s | wc -c</div>
<div class="gmail_extra">2267</div><div class="gmail_extra">uname -a | wc -c</div><div class="gmail_extra">104</div><div class="gmail_extra">uptime | wc -c</div><div class="gmail_extra">71</div><div class="gmail_extra">ps -A | wc -c</div>
<div class="gmail_extra">6246</div><div class="gmail_extra"><br></div><div class="gmail_extra">Total number of bytes: 51747. Multiply this with 0.005 and we get 258.735 bits of entropy according to Botan. This is more than the goal of 128 bits.</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">So even if we ignore all of the other entropy sources than Unix_EntropySource, we would still most likely return before even calling the command "ls -alni /tmp".</div>
<div class="gmail_extra"><br></div><div class="gmail_extra">I believe we have the following discussion points:</div><div class="gmail_extra">1. (Original topic) <span style="font-family:arial,sans-serif;font-size:13px">vmstat causes kernel messages. What modifications do we want to Botan?</span></div>
<div class="gmail_extra"><span style="font-family:arial,sans-serif;font-size:13px">2. "</span>ls -alni /tmp" is used as a last resort entropy source. It is not good to poll entropy from a directory that users can control. Botan will most likely not use this source. Should Botan remove this command? Even if it is not directly used in the cryptographic operations (the seed is passed through two RNGs)?</div>
<div class="gmail_extra">3. Should SoftHSM add checks verifying that the RNG is seeded with good sources (the build flags from botan/build.h)?</div><div class="gmail_extra"><br></div><div class="gmail_extra">// Rickard</div>
</div></div>