BookRags.com Literature Guides Literature
Guides		 Criticism & Essays Criticism &
Essays		 Questions & Answers Questions &
Answers		 Lesson Plans Lesson
Plans		 My Bibliography Periodic Table U.S. Presidents Shakespeare Sonnet Shake-Up
Research Anything:        
History | Encyclopedias | Films | News | Create a Bibliography | More... Login | Register | Help
Not What You Meant?  There are 26 definitions for Entropy.

Entropy (computing)

 Print-Friendly
About 4 pages (1,174 words)

Bookmark and Share Know this topic well? Help others and get FREE products!

In computing, entropy is a resource of various Unix-like computer operating systems. More specifically, entropy can be described as the randomness collected by an operating system or application for use in cryptography or other uses that necessitate the provision of random data. In actual practice, this randomness is often collected from hardware sources, either general ones (eg mouse movements), or specialist ones (eg randomness generators).

Contents

Entropy in the Linux kernel

The Linux kernel generates entropy from keyboard timings, mouse movements, and IDE timings and makes the random character data available to other operating system processes through the special file /dev/random since Linux version 1.3.30.[1] There are some Linux kernel patches allowing one to use more entropy sources.[2] There are also other software projects allowing audio data to be feed onto /dev/random, such as the audio-entropyd project, which is included in some operating systems using the Linux kernel, such as Fedora Linux.[3] In some systems, network interrupts can be used as an entropy source as well.[4] On systems using the Linux kernel, programs needing much random data from /dev/urandom cannot co-exist with programs reading little data from /dev/random because /dev/urandom depletes /dev/random whenever it is being read.[5] At least for the 1.3.30 Linux kernel, there are some timing issues, in the sense that if the entropy pool is empty and a process reads /dev/random after an ioctl() call but before the actual write() call, the read may succeed but no random data will be provided to the process as the read was done before the write() call.[6]

Entropy in the Hurd kernel

A driver ported from the Linux kernel is now available for the Hurd kernel.[7]

Entropy in Solaris

/dev/random and /dev/urandom have been available as Sun packages or patches for Solaris since Solaris 2.6,[8] and have been a standard feature since Solaris 9.[9] As of Solaris 10, administrators can remove existing entropy sources or define new ones via the kernel-level cryptographic framework. There is also a 3rd-party kernel module implementing /dev/random for releases back to Solaris 2.4.[8]

Entropy in OS/2

There is a software package for OS/2 that allows software processes to retrieve random data.[10]

Entropy in Windows

Microsoft Windows newer than 95A feature the CryptoAPI (CAPI) API that gathers entropy in a similar fashion to Linux kernel's /dev/random.[11] Windows's CryptoAPI uses the binary registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG\Seed to store a seeded value from all of its entropy sources.[12] Because CryptoAPI is closed-source, some free software and open-source applications running on the Windows platform use other measures to get randomness. For example, GnuPG, as of version 1.06, uses a variety of sources such as the number of free bytes in memory that combined with a random seed generate the desired randomness it needs.[13] Programmers using CAPI can get entropy by calling CAPI's CryptGenRandom(), after properly initialising it.[14]

Entropy in other systems

There are some software packages that allow one to use a userspace process to gather random characters, exactly what /dev/random does.

Hardware-originated entropy

Modern CPUs and hardware often features integrated generators that can provide high-quality and high-speed entropy to operating systems. On systems based on the Linux kernel, one can read the entropy generated from such a device through /dev/hw random.[15] However, sometimes /dev/hw_random may be slow;[16] usually around 80K/s.[17] There are some companies manufacturing entropy generation devices, and some of them are shipped with drivers for Linux.[18] On Debian GNU/Linux, one can install the rng-tools package (apt-get install rng-tools) that supports the true random number generators (TRNGs) found in some Intel, AMD, or VIA chipsets, effectively increasing the entropy collected into /dev/random and potentially improving the cryptographic potential. This is especially useful on headless servers that have no other sources of entropy.

Practical implications of entropy

System administrators, especially those supervising Internet servers, have to ensure that the server processes will not halt because of entropy depletion. Entropy on servers utilising the Linux kernel, or any other kernel or userspace process that generates entropy from the console and the storage subsystem, is often less than ideal because of the lack of a mouse and keyboard, thus servers have to generate their entropy only from IDE timings. Entropy in Linux is viewable through the file /proc/sys/kernel/random/entropy_avail and should generally be at least 2000.[19] Entropy changes frequently. Administrators being responsible for systems that have low or zero entropy should not attempt to use /dev/urandom as a substitute for /dev/random as this may cause SSL/TLS connections to have lower-grade encryption.[20] Some software systems change their D-H (Diffie-Hellman) keys often, and this may in some cases help a server to continue functioning normally even with an entropy bottleneck.[21] On servers with low entropy, a process can appear hung when it is waiting for random characters to appear in /dev/random (on Linux-based systems). For example, there was a known problem in Debian GNU/Linux that caused exim4 to hang in some cases because of this.[22]

Security implications

Entropy sources can be used for keyboard timing attacks.[23] Entropy can affect the cryptography (TLS/SSL) of a server: If it is too low then the regeneration of codes can take much time to complete. In some cases a cracker (malicious attacker) can guess some bits of entropy from the output of a pseudorandom number generator (PRNG), and this happens when not enough entropy is shoved into the PRNG.[24]

Other potential sources for entropy

Although the Linux kernels collects entropy from the mouse, keyboard, and IDE timings, there are other ways as well. For example, one could collect entropy from the computer's microphone, or by building a sensor to measure the air turbulence inside a disk drive.[25] However, such devices as microphones are usually not available in servers.

See also

References

  1. ^ random(4) - Linux man page (die.net)
  2. ^ http://www.robot101.net/2005/09/25/missing-entropy/
  3. ^ https://admin.fedoraproject.org/pkgdb/packages/name/audio-entropyd
  4. ^ https://linuxlink.timesys.com/docs/about_entropy
  5. ^ http://www.av8n.com/turbid/paper/turbid.htm
  6. ^ http://www.uwsg.iu.edu/hypermail/linux/kernel/9510/0218.html
  7. ^ /dev/{,u}random driver for GNU/Hurd (ibofobi.dk)
  8. ^ a b Solaris /dev/random through emulation
  9. ^ Solaris /dev/random
  10. ^ Rexx Entropy Gathering Daemon for OS/2
  11. ^ http://lists.gnupg.org/pipermail/gnupg-users/2001-November/010831.html
  12. ^ http://www.mail-archive.com/openssl-dev@openssl.org/msg21829.html
  13. ^ http://lists.gnupg.org/pipermail/gnupg-users/2002-February/011909.html
  14. ^ http://www.cs.berkeley.edu/~daw/rnd/cryptoapi-rand http://archives.seul.org/or/cvs/Mar-2004/msg00078.html
  15. ^ http://lists.kde.org/?l=kroupware&m=116377029100152&w=2
  16. ^ http://www.redhat.com/archives/rhl-devel-list/2004-August/msg00770.html
  17. ^ http://www.redhat.com/archives/rhl-devel-list/2004-August/msg00786.html
  18. ^ http://www.std.com/~reinhold/truenoise.html http://random.com.hr/products/random/hg324.html
  19. ^ http://lists.exim.org/lurker/message/20060217.000128.2064ef9b.en.html
  20. ^ SSL/TLS entropy problem, aka pops timeouts (was: sasl ldap problem)
  21. ^ [TLS Re: Short Ephermal Diffie-Hellman keys, Simon Josefsson] (ietf.org, mailing list)
  22. ^ http://lists.gnupg.org/pipermail/gnutls-dev/2004-December/000800.html
  23. ^ unix entropy source can be used for keystroke timing attacks - Michal Zalewski
  24. ^ Re: entropy depletion (was: SSL/TLS passive sniffing)
  25. ^ Build your own cryptographically safe server/client protocol - 4.8.3. Collecting entropy

View More Summaries on Entropy (computing)
 
View all | View only answered questions | View only unanswered questions
Ask any question on Entropy (computing) and get it answered FAST!
Answer questions in BookRags Q&A and earn points toward
discounted or even FREE Study Guides and other BookRags products!
Learn more about BookRags Q&A
Copyrights
Entropy (computing) from Wíkipedia. ©2006 by Wíkipedia. Licensed under the GNU Free Documentation License. View a list of authors or edit this article.

Article Navigation
Join BookRagslearn moreJoin BookRags
About BookRags | Customer Service | Report an Error | Terms of Use | Privacy Policy