
disk randomness

rich salz posted to this list a message i sent him
about a portable way to gather disk-noise for a true rng.

he also was kind enough to forward a reply to me from
the list, because i wasn't subscribed at the time. the
reply's author pointed out that my approach is not a 
practical one, and that NOISE.SYS gathers disk timings
and other noise more efficiently, anyway. now that i'm
subscribed, i'll answer on my own behalf:

i agree that my algorithm isn't practical. in fact,
that's why i agreed to rich's request that i let him
post my message here. i don't recommend paging-timings
to my clients, because it's not a workable approach
for production-quality code.

memory-paging's only virtue as a noise-source is that
it's uniquely portable. i failed to emphasize this,
in the message rich forwarded for me. the code needs
no device-specific calls, and the only OS-specific call
is the gettime() call. even with this virtue, i don't
recommend it as a production-quality algorithm, unless
the process that needs the rng is already memory-bound.
i'm sorry that my original msg was unclear on this point;
that's my fault, not rich's.

by the way, i think the "interesting work" of mine to
which rich referred, is my paper on disk randomness,
which appeared in the crypto '94 proceedings. it presents
work i did at mit from '88-9, and shows mathematically
why disk-timings can contain true entropy: a disk's speed
variations come from air turbulence, which now is known
mathematically to be unpredictable in the long run.
my coauthors were p.r. fenstermacher, a chaos-theory
physicist, and r. ihaka, a statistician.

				-don davis, boston
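As an added illustration, not code from don's message, his paper, or NOISE.SYS, here is a portable sketch of the paging-timing idea he describes, paired with the check a practitioner would want before trusting such a source: time.perf_counter_ns() stands in for his gettime() call, the 4096-byte page size is an assumption, and the min-entropy estimate and von Neumann debiasing are my additions, not part of the original approach.

```python
import math
import mmap
import time
from collections import Counter

PAGE = 4096  # assumed page size; only decides which offsets get touched


def sample_page_timings(n_pages):
    """Time the first touch of n_pages fresh anonymous pages, in nanoseconds.
    perf_counter_ns() stands in for the post's gettime(): it is the only
    OS-specific call, and no device-specific access is needed."""
    region = mmap.mmap(-1, n_pages * PAGE)  # pages not resident until written
    deltas = []
    try:
        for i in range(n_pages):
            t0 = time.perf_counter_ns()
            region[i * PAGE] = i & 0xFF  # first write faults the page in
            deltas.append(time.perf_counter_ns() - t0)
    finally:
        region.close()
    return deltas


def low_bits(deltas, k):
    """Keep the k least-significant bits of each delta, where the jitter lives."""
    mask = (1 << k) - 1
    return [d & mask for d in deltas]


def min_entropy_per_sample(symbols):
    """-log2(p_max) of the empirical distribution: a conservative bits/sample
    figure, the check to run before trusting any timing source."""
    if not symbols:
        return 0.0
    p_max = max(Counter(symbols).values()) / len(symbols)
    return -math.log2(p_max)


def von_neumann(bits):
    """Pairwise debiasing of a 0/1 stream: 01 -> 0, 10 -> 1, 00 and 11 dropped."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]


if __name__ == "__main__":
    d = sample_page_timings(2000)
    h = min_entropy_per_sample(low_bits(d, 4))
    print(f"low 4 bits of {len(d)} page-touch timings: ~{h:.2f} bits/sample")
    print(f"von Neumann on the LSB stream kept {len(von_neumann(low_bits(d, 1)))} bits")
```

On a machine with a high-resolution clock the low bits usually look noisy, but the estimate is what tells you how much to credit; a coarse clock or a quiet system can push it toward zero, which is the impracticality the message is about.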