If it uses the RDRAND output as input to whatever other algorithms they may have to produce randomness, I'm OK with it.
Sent from my iPad

> On Mar 14, 2015, at 11:41, Ruben De Smet <[email protected]> wrote:
>
> This is indeed what Linux does. It doesn't use the Intel instructions as
> random source, but it uses them as input. Disclaimer: I'm not very
> knowledgeable in this field.
>
>> On 14/03/15 16:33, Mobile Mouse wrote:
>> On Intel platforms I would definitely mix the RDRAND output in, at any cost.
>> Otherwise I'm probably OK with the native RNG...
>>
>> Sent from my iPad
>>
>>> On Mar 14, 2015, at 10:56, Ruben De Smet <[email protected]> wrote:
>>>
>>>> On 14/03/15 15:36, Jean-Pierre Münch wrote:
>>>> Hey everyone,
>>>>
>>>> as you may or may not know I'm currently modernizing Crypto++ to some
>>>> extent.
>>>> During some of my other research I noticed that the LibreSSL team decided
>>>> to drop their (OpenSSL's) PRNG.
>>>> They stated that it's not the job of the TLS library to provide users with
>>>> randomness but rather the OS's job.
>>>>
>>>> So here comes my question:
>>>>
>>>> How far do we trust the PRNGs of Windows (CryptGenRandom()) and UNIX
>>>> (/dev/random?)?
>>>
>>> As far as I know a thing about crypto, I'm going to throw my opinion in
>>> this starting discussion, while it's still new ;)
>>>
>>> Me too, I think it's the OS's job to do RNG. AFAIK, Linux does a fairly
>>> good job on that; it uses a lot of different sources for entropy.
>>> Sources which CryptoPP/userland cannot access: Intel CPU entropy
>>> generator, network chatter, USB chatter.
>>>
>>> I would trust my /dev/random. I wouldn't trust Windows' RNG though, but
>>> I wouldn't trust any random generator on a closed source system.
>>>
>>>> Is it necessary to find any source of potential entropy we can get or do
>>>> we just sit there and use the entropy the OS provides to us?
>>>>
>>>> Depending on your answers I'll adapt my Fortuna implementation (if we
>>>> trust in the OS, the OS will feed the pools, if not I have to do it).
>>>>
>>>> Now the master question: CAN we even get GOOD entropy in USERLAND? (->
>>>> Crypto++'s main usage)
>>>>
>>>> BR
>>>>
>>>> JPM
>>>
>>> --
>>> You received this message because you are subscribed to the "Crypto++
>>> Users" Google Group.
>>> To unsubscribe, send an email to [email protected].
>>> More information about Crypto++ and this group is available at
>>> http://www.cryptopp.com.
>>> ---
>>> You received this message because you are subscribed to the Google Groups
>>> "Crypto++ Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to [email protected].
>>> For more options, visit https://groups.google.com/d/optout.
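An added example (not code from this thread or from Crypto++) of the "OS feeds the pools" design JPM describes and the "mix RDRAND in, never rely on it alone" position the replies take: a simplified Fortuna accumulator in Python whose pools are always fed from the OS RNG, with an optional extra source such as RDRAND output added as one more event. The class, function and constant names are assumptions; it keys a SHA-256 counter generator where real Fortuna uses a block cipher.

```python
import hashlib
import os
NUM_POOLS = 32
MIN_POOL0_BYTES = 64  # Fortuna reseeds only once pool 0 holds this much fresh input

def pools_for_reseed(r):
    """Fortuna's schedule: reseed number r (1-based) drains pool i iff 2**i divides r."""
    return [i for i in range(NUM_POOLS) if r % (1 << i) == 0]

class Fortuna:
    """Simplified Fortuna: SHA-256 pools and a SHA-256 counter generator (the real design keys a block cipher)."""
    def __init__(self):
        self.pools = [hashlib.sha256() for _ in range(NUM_POOLS)]
        self.key, self.pool0_bytes, self.reseeds, self.counter, self.next_pool = bytes(32), 0, 0, 0, 0

    def add_event(self, source_id, data):
        """Round-robin events into the pools; source id and length prefix keep event boundaries unambiguous."""
        self.pools[self.next_pool].update(bytes([source_id & 0xFF, len(data[:32])]) + data[:32])
        if self.next_pool == 0:
            self.pool0_bytes += len(data[:32])
        self.next_pool = (self.next_pool + 1) % NUM_POOLS

    def feed(self, extra_source=None):
        for _ in range(2 * NUM_POOLS):
            self.add_event(0, os.urandom(32))  # the OS RNG is always an input
            if extra_source is not None:
                self.add_event(1, extra_source())  # e.g. RDRAND output: mixed in, never used alone

    def reseed_if_ready(self):
        if self.pool0_bytes < MIN_POOL0_BYTES:
            return False
        self.reseeds += 1
        used = pools_for_reseed(self.reseeds)
        seed = b"".join(self.pools[i].digest() for i in used)
        for i in used:
            self.pools[i] = hashlib.sha256()  # drained pools start over
        self.pool0_bytes = 0
        self.key = hashlib.sha256(self.key + seed).digest()
        return True

    def random_bytes(self, n):
        self.reseed_if_ready()
        if self.reseeds == 0:
            raise RuntimeError("not seeded: call feed() first")
        out = b""
        while len(out) < n:
            out += hashlib.sha256(self.key + self.counter.to_bytes(16, "big")).digest()
            self.counter += 1
        self.key = hashlib.sha256(self.key + b"rekey").digest()  # rekey so earlier output cannot be recovered
        return out[:n]
```

A stuck extra source (one that always returns the same bytes) cannot weaken the seed here, because the OS events land in the same pools and the pool hashes absorb both.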
