On Sunday, 1 December 2013, 20:27:34, [email protected] wrote:

Hi dj,

> I would not characterize the Linux RNG issue as "fully resolved" in any
> way. Until every CPU maker includes a source of entropy by design (instead
> of by accident) and the Kernel gets off its high horse and chooses to use
> them and the kernel gets pre-configured in distros with sane parameters,
> crypto software will continue to fail from low entropy situations.

I would suggest you reconsider your last statement.

As the noise source offered by Intel or any other silicon is a black box by its nature, not everybody is comfortable in using it, considering that the noise sources are the very fundament the entire cryptography rests on. Thus, using RDRAND or any other black box noise source per default in the kernel is just wrong.

And as long as not even all aspects of the design are published, being cautious about a noise source is good. I wish that Intel would release the detailed schematics and their analysis/testing of the noise source implementation. As a hardware RNG based on flip-flops or oscillators is not really rocket science, I do not understand why this information is held back. Moreover, it would have helped if access to the raw noise source had been given for re-verifying the characteristics of the noise source.

The only acceptable way IMHO that works with all is: choice. And that choice is given to us via rngd. Ok, you may move the choice to kernel land, but still, it shall stay as a choice.

Ciao
Stephan

--
| Cui bono? |

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
