On Wed, Sep 19, 2012 at 03:34:59PM -0700, David O'Brien (@FreeBSD) wrote: > On Tue, Sep 18, 2012 at 11:14:22PM +0200, Pawel Jakub Dawidek wrote: > > I experimented a bit with collecting entropy from the time it takes for > > device_attach() to run (in CPU cycles). It seems that those times have > > enough variation that we can use it for entropy harvesting. It happens > > even before root is mounted, so pretty early. > > I like it. Microsoft harvests from something like 900 events/things. Some of this is documented in 'Windows 7 CNGSYS FIPS Security Policy.docx' Section 5.3.2 "SystemPrng". [http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1328.pdf] should this give anyone more ideas... -- -- David _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"