lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <41ba2dff-12ed-4127-acbd-ae5b40e38afd@email.android.com>
Date:	Wed, 11 Sep 2013 12:25:48 -0700
From:	"H. Peter Anvin" <hpa@...or.com>
To:	Andy Lutomirski <luto@...capital.net>,
	Jeff Garzik <jgarzik@...ox.com>
CC:	"Theodore Ts'o" <tytso@....edu>,
	David Safford <safford@...ibm.com>,
	Leonidas Da Silva Barbosa <leosilva@...ux.vnet.ibm.com>,
	Ashley Lai <ashley@...leylai.com>,
	Rajiv Andrade <mail@...jiv.net>,
	Marcel Selhorst <tpmdd@...horst.net>,
	Sirrix AG <tpmdd@...rix.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Kent Yoder <key@...ux.vnet.ibm.com>,
	David Safford <safford@...son.ibm.com>,
	Mimi Zohar <zohar@...ibm.com>,
	"Johnston, DJ" <dj.johnston@...el.com>
Subject: Re: TPMs and random numbers

This of course has been a long-running debate.  Similarly, we could make much better use of RDRAND if instead of doing data reduction in rngd we could feed it to the pool and just credit fractional bits.  The FIPS tests that rngd runs are weak and obsoleted, but perhaps better than nothing (now when we don't shut down rngd due to false positives.)

Andy Lutomirski <luto@...capital.net> wrote:
>On Wed, Sep 11, 2013 at 12:06 PM, Jeff Garzik <jgarzik@...ox.com>
>wrote:
>> On Wed, Sep 11, 2013 at 2:45 PM, Theodore Ts'o <tytso@....edu> wrote:
>>> We should definitely do this.  If the TPM driver could fetch some
>>> randomness and then call add_device_randomness() to feed this into
>the
>>> random driver's entropy pool when it initializes itself, that would
>be
>>> ***really*** cool.
>>
>>
>> rngd already does this.
>
>And all those random numbers generated before rngd starts are quite
>possibly crap.
>
>I think that rngd makes sense as a tool to access strange sources of
>entropy and to periodically reseed the pool, but I also think that the
>kernel should really be pulling in easily available entropy on its own
>at startup.
>
>--Andy

-- 
Sent from my mobile phone.  Please pardon brevity and lack of formatting.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ