[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20130905144818.GA23661@thunk.org>
Date: Thu, 5 Sep 2013 10:48:18 -0400
From: Theodore Ts'o <tytso@....edu>
To: Prarit Bhargava <prarit@...hat.com>
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] random, Add user configurable get_bytes_random()
On Thu, Sep 05, 2013 at 08:18:44AM -0400, Prarit Bhargava wrote:
> The current code has two exported functions, get_bytes_random() and
> get_bytes_random_arch(). The first function only calls the entropy
> store to get random data, and the second only calls the arch specific
> hardware random number generator.
>
> The problem is that no code is using the get_bytes_random_arch() and switching
> over will require a significant code change. Even if the change is
> made it will be static forcing a recompile of code if/when a user has a
> system with a trusted random HW source. A better thing to do is allow
> users to decide whether they trust their hardare random number generator.
I fail to see the benefit of just using the hardware random number
generator. We are already mixing in the hardware random number
generator into the /dev/random pool, and so the only thing that using
only the HW source is to make the kernel more vulnerable to an attack
where the NSA leans on a few Intel employee and forces/bribes them to
make a change such that the last step in the RDRAND's AES whitening
step is changed to use a counter plus a AES key known by the NSA.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists