Re: [RFC][PATCH 0/6] /dev/random - a new approach

From: Stephan Mueller
Date: Fri Apr 22 2016 - 01:00:06 EST


On Thursday, 21 April 2016, 22:51:55, Theodore Ts'o wrote:

Hi Theodore,

> I still have a massive problem with the claims that the "Jitter" RNG
> provides any amount of entropy. Just because you and I might not be
> able to analyze it doesn't mean that somebody else couldn't. After
> all, DUAL-EC DRNG was very complicated and hard to analyze. So would
> be something like
>
> AES(NSA_KEY, COUNTER++)
>
> Very hard to analyze indeed. Shall we run statistical tests? They'll
> pass with flying colors.
>
> Secure? Not so much.

If you are concerned with that RNG, we can easily drop it from the LRNG. The
testing documented in the writeup disables the Jitter RNG to ensure that only
the LRNG IRQ collection is tested.

The conclusions regarding the timeliness of the seeding and the prevention of
draining the entropy pool are reached without the Jitter RNG, which implies
that the Jitter RNG can be dropped without harm.

Ciao
Stephan