| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3381856.qSaz1KcX2Z@positron.chronox.de> Date: Sat, 18 Jun 2016 18:31:26 +0200 From: Stephan Mueller <smueller@...onox.de> To: Theodore Ts'o <tytso@....edu> Cc: David Jaša <djasa@...hat.com>, Andi Kleen <andi@...stfloor.org>, sandyinchina@...il.com, Jason Cooper <cryptography@...edaemon.net>, John Denker <jsd@...n.com>, "H. Peter Anvin" <hpa@...ux.intel.com>, Joe Perches <joe@...ches.com>, Pavel Machek <pavel@....cz>, George Spelvin <linux@...izon.com>, linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v4 0/5] /dev/random - a new approach Am Samstag, 18. Juni 2016, 10:44:08 schrieb Theodore Ts'o: Hi Theodore, > > At the end of the day, with these devices you really badly need a > hardware RNG. We can't generate randomness out of thin air. The only > thing you really can do requires user space help, which is to generate > keys lazily, or as late as possible, so you can gather as much entropy > as you can --- and to feed in measurements from the WiFi (RSSI > measurements, MAC addresses seen, etc.) This won't help much if you > have an FBI van parked outside your house trying to carry out a > TEMPEST attack, but hopefully it provides some protection against a > remote attacker who isn't try to carry out an on-premises attack. All my measurements on such small systems like MIPS or smaller/older ARMs do not seem to support that statement :-) Ciao Stephan
Powered by blists - more mailing lists