Re: [PATCH v4 0/5] /dev/random - a new approach

From: Stephan Mueller
Date: Sat Jun 18 2016 - 12:31:34 EST


Am Samstag, 18. Juni 2016, 10:44:08 schrieb Theodore Ts'o:

Hi Theodore,

>
> At the end of the day, with these devices you really badly need a
> hardware RNG. We can't generate randomness out of thin air. The only
> thing you really can do requires user space help, which is to generate
> keys lazily, or as late as possible, so you can gather as much entropy
> as you can --- and to feed in measurements from the WiFi (RSSI
> measurements, MAC addresses seen, etc.) This won't help much if you
> have an FBI van parked outside your house trying to carry out a
> TEMPEST attack, but hopefully it provides some protection against a
> remote attacker who isn't try to carry out an on-premises attack.

All my measurements on such small systems like MIPS or smaller/older ARMs do
not seem to support that statement :-)

Ciao
Stephan