Page MenuHomeFreeBSD
Differential D52228

random: Make the min-entropy estimate configurable
ClosedPublic
Actions

Authored by markj on Aug 28 2025, 9:47 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Oct 12, 9:04 PM
Unknown Object (File)
Sun, Oct 12, 9:29 AM
Unknown Object (File)
Sun, Oct 12, 9:29 AM
Unknown Object (File)
Sat, Oct 11, 10:39 PM
Unknown Object (File)
Sat, Oct 11, 10:39 PM
Unknown Object (File)
Wed, Oct 8, 8:37 PM
Unknown Object (File)
Wed, Oct 8, 1:40 PM
Unknown Object (File)
Thu, Oct 2, 5:55 PM
View All 34 Files
Subscribers
cem
imp
obrien

Details

Reviewers
cem
Group Reviewers
csprng
Commits
rG56965bbf7fd8: random: Make the min-entropy estimate configurable
rG228302e630dd: random: Make the min-entropy estimate configurable
Summary

Right now the cutoff values for the RCT and APT tests are computed with
a fixed min-entropy estimate of 1. In preparation for permitting
alternative estimates for "pure" sources (i.e., hardware noise sources),
extend the code to handle alternative estimates of an integer number of
bits.

For the RCT test, the cutoff is simply the formula from section 4.4.1 of
NIST SP 800-90B. The APT test, I used Excel to compute a lookup table.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj created this revision.Aug 28 2025, 9:47 PM
Herald added a subscriber: imp. · View Herald TranscriptAug 28 2025, 9:47 PM
markj requested review of this revision.Aug 28 2025, 9:47 PM
Herald added a subscriber: obrien. · View Herald TranscriptAug 28 2025, 9:47 PM
markj added a child revision: D52229: random: Make the entropy source registration interface more uniform.Aug 28 2025, 9:47 PM
Harbormaster completed remote builds in B66619: Diff 161153.Aug 28 2025, 9:47 PM
cem added a subscriber: cem.Aug 29 2025, 1:47 AM
cem added inline comments.
sys/dev/random/random_harvestq.c
503

The ht_apt_cutoff for min_entropy=1 changed from 330 to 329 -- what's the significance of that?

692

In a later diff, we change this to just

random_healthtest_init(i, 0);

We could just do that here.

markj marked an inline comment as done.Aug 29 2025, 1:37 PM
markj added inline comments.
sys/dev/random/random_harvestq.c
503

I think there must have been an off-by-one in my original calculation. This table was computed with =1+CRITBINOM(511,POWER(2,-ROW()),1-POWER(2,-34)) per the footnote in the 800-90B publication. I'm quite sure I used the same formula before too, but might have included the +1 term twice.

In practice there's not much significance since the difference means we're testing 329 vs. 330 samples out of 511 for equality with the first sample in the window.

markj updated this revision to Diff 161179.Aug 29 2025, 1:39 PM

Get rid of an unneeded variable.

Harbormaster completed remote builds in B66632: Diff 161179.Aug 29 2025, 1:39 PM
cem accepted this revision.Aug 29 2025, 4:35 PM
cem added inline comments.
sys/dev/random/random_harvestq.c
503

Cool, thanks.

This revision is now accepted and ready to land.Aug 29 2025, 4:35 PM
Closed by commit rG228302e630dd: random: Make the min-entropy estimate configurable (authored by markj). · Explain WhySep 8 2025, 3:26 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG228302e630dd: random: Make the min-entropy estimate configurable.
markj added a commit: rG56965bbf7fd8: random: Make the min-entropy estimate configurable.Tue, Sep 30, 3:24 PM

Revision Contents
Changeset List

PathSize
sys/
dev/
random/
52 lines

Diff 161714

View Options

sys/dev/random/random_harvestq.c

Loading...