lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 May 2018 21:53:48 +0200
From:   Pavel Machek <pavel@....cz>
To:     "Theodore Y. Ts'o" <tytso@....edu>,
        Sultan Alsawaf <sultanxda@...il.com>,
        "Jason A. Donenfeld" <Jason@...c4.com>,
        LKML <linux-kernel@...r.kernel.org>, Jann Horn <jannh@...gle.com>
Subject: Re: Linux messages full of `random: get_random_u32 called from`

On Mon 2018-04-30 12:11:43, Theodore Y. Ts'o wrote:
> On Sun, Apr 29, 2018 at 09:34:45PM -0700, Sultan Alsawaf wrote:
> > 
> > What about abusing high-resolution timers to get entropy? Since hrtimers can't
> > make guarantees down to the nanosecond, there's always a skew between the
> > requested expiry time and the actual expiry time.
> > 
> > Please see the attached patch and let me know just how horrible it is.
> 
> So think about exactly where the possible causes of the skew might be
> coming from.  Look very closely at the software implemntation.  The
> important thing here is to not get hung up on the software
> abstraction, but to look at the *implementation*.  (And if it's an
> implementation in architecture specific code, we need to look at all
> architectures.)
> 
> This applies on the hardware level as hard, but that gets harder
> because there many possible hardware implemntations in use out there.
> Remember that that on many systems there may be only single clock
> crystal, and all other hardware timers maybe derived from that clock
> using frequency dividers.  (At least for everything on the mainboard.)

On "many" systems? No, sorry, computers usually do not behave like
this (CMOS RTC has separate clock, for example). I'm pretty sure that
not a single machine problems were reported on has this problem.

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ