At Sun, 12 Aug 2007 11:47:28 +0200, Samuel Thibault <[EMAIL PROTECTED]> wrote: > > + /* Sune Kirkeby's entropy patch (which was a port of the > > + linux entropy drivers for GNU mach) placed the keyboard > > + entropy source here. I looked at that for an idea of where > > + how to do write this driver. */ > > + entropy_putchar(scancode | (up ? 0200 : 0), ENTROPY_LOW_QUALITY); > > Why low quality? I know people always use the same commands (ls, mv...) > but the order in which they type them is to my mind a very good source > of entropy. Also, the _time_ when characters are typed should be the > best source of entropy, you should really take that into account.
A careful analysis of "quality" produced by various sources can be found in: Thomas Biege Analysis of a strong Random Number Generator http://www.suse.de/~thomas/papers/random-analysis.pdf This paper does not include keyboard and mouse activity but focuses on initialization at boot time. Thus, more important than the result (which, in summary, is that booting to a static configuration does not produce good entropy) is the description of the methods used to measure entropy. It's a good idea to be conservative about entropy measurements. Commonly it is overestimated by a large margin. Thanks, Marcus _______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
