Re: [PATCH v25 10/12] LRNG - add TRNG support

From: Andy Lutomirski
Date: Sat Nov 16 2019 - 11:09:19 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 4.14 097/150] hfsplus: prevent btree data loss on ENOSPC"
Previous message: Sasha Levin: "[PATCH AUTOSEL 4.14 101/150] hfsplus: update timestamps on truncate()"
In reply to: Stephan Müller: "[PATCH v25 10/12] LRNG - add TRNG support"
Next in thread: Stephan Müller: "Re: [PATCH v25 10/12] LRNG - add TRNG support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Nov 16, 2019, at 1:40 AM, Stephan MÃller <smueller@xxxxxxxxxx> wrote:
>
> ïThe True Random Number Generator (TRNG) provides a random number
> generator with prediction resistance (SP800-90A terminology) or an NTG.1
> (AIS 31 terminology).
>

...

> The secondary DRNGs seed from the TRNG if it is present. In addition,
> the /dev/random device accesses the TRNG.
>
> If the TRNG is disabled, the secondary DRNGs seed from the entropy pool
> and /dev/random behaves like getrandom(2).

As mentioned before, I donât like this API. An application that, for some reason, needs a TRNG, should have an API by which it either gets a TRNG or an error. Similarly, an application that wants cryptographically secure random numbers efficiently should have an API that does that. With your design, /dev/random tries to cater to both use cases, but one of the use cases fails depending on kernel config.

I think /dev/random should wait for enough entropy to initialize the system but should not block after that. A TRNG should have an entirely new API that is better than /dev/random.

Next message: Sasha Levin: "[PATCH AUTOSEL 4.14 097/150] hfsplus: prevent btree data loss on ENOSPC"
Previous message: Sasha Levin: "[PATCH AUTOSEL 4.14 101/150] hfsplus: update timestamps on truncate()"
In reply to: Stephan Müller: "[PATCH v25 10/12] LRNG - add TRNG support"
Next in thread: Stephan Müller: "Re: [PATCH v25 10/12] LRNG - add TRNG support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]