[147922] in cryptography@c2.net mail archive


Re: [Cryptography] [RNG] /dev/random initialisation

daemon@ATHENA.MIT.EDU (Sandy Harris)
Thu Oct 31 13:47:50 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <4250E653-9235-4BBA-B575-AB5436FE1733@lrw.com>
Date: Thu, 31 Oct 2013 13:44:03 -0400
From: Sandy Harris <sandyinchina@gmail.com>
To: Cryptography <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

Jerry Leichter <leichter@lrw.com> wrote:

>> This is why the Linux RNG allows anyone to add data to the pool as an
>> unprivileged operation, but requires root to change the estimates of how
>> much entropy is in the pool.

> Ah, so like FIPS, Linux only accepts "real" entropy from "authenticated" sources.  :-)
>                                                         -- Jerry

Yes, but the authentication is only that it must come from a process
that is running as root. There are a lot of candidates. Four people
I know of on the list (Peter Gutmann, John Denker, Stephan Mueller
and me) have written something that could be used, and I think
there are at least another half dozen available. Then there are
various ones built into CPUs or chipsets.

Quite likely not all of those are as solid as their authors hope, and
even the ones that sometimes are might fail in other situations.
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
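An added example, written for this archive page and not code by anyone in the thread, showing the distinction the quoted text describes on Linux: any user can write(2) bytes into /dev/random, which mixes them in without crediting entropy, while crediting entropy goes through the RNDADDENTROPY ioctl, which the kernel refuses with EPERM unless the caller has CAP_SYS_ADMIN (in practice, root). It assumes a Linux system with kernel headers installed and a world-writable /dev/random; the function names make_pool_info, mix_uncredited and add_credited are chosen here.

```c
#include <errno.h>
#include <fcntl.h>
#include <linux/random.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
/* Build the struct RNDADDENTROPY takes: buf_size in bytes, entropy_count in
 * bits. Refuses to claim more bits than supplied. Caller frees; NULL on error. */
struct rand_pool_info *make_pool_info(const unsigned char *data, size_t len,
                                      int entropy_bits)
{
    if (len == 0 || len > 4096 || entropy_bits < 0 || (size_t)entropy_bits > len * 8)
        return NULL;
    struct rand_pool_info *info = calloc(1, sizeof *info + len);
    if (!info) return NULL;
    info->entropy_count = entropy_bits;
    info->buf_size = (int)len;
    memcpy(info->buf, data, len);
    return info;
}
/* Unprivileged path: write(2) mixes bytes in, credits nothing. Returns bytes or -errno. */
ssize_t mix_uncredited(int fd, const unsigned char *data, size_t len)
{
    ssize_t n = write(fd, data, len);
    return n < 0 ? -errno : n;
}
/* Privileged path: mix in and credit entropy_bits. The kernel checks
 * CAP_SYS_ADMIN first, so an ordinary user gets -EPERM. Returns 0 or -errno. */
int add_credited(int fd, const unsigned char *data, size_t len, int entropy_bits)
{
    struct rand_pool_info *info = make_pool_info(data, len, entropy_bits);
    if (!info) return -EINVAL;
    int rc = ioctl(fd, RNDADDENTROPY, info) < 0 ? -errno : 0;
    free(info);
    return rc;
}
int main(void)
{
    static const unsigned char seed[] = "constructed-seed"; /* constructed sample, not real entropy */
    int fd = open("/dev/random", O_RDWR);
    if (fd < 0) { perror("open /dev/random"); return 1; }
    ssize_t w = mix_uncredited(fd, seed, sizeof seed);
    printf("write: %s\n", w < 0 ? strerror((int)-w) : "mixed in, no credit");
    int rc = add_credited(fd, seed, sizeof seed, 64);
    printf("RNDADDENTROPY: %s\n", rc ? strerror(-rc) : "credited 64 bits");
    close(fd);
    return 0;
}
```

Run as an ordinary user the second line reports "Operation not permitted"; run as root it credits the bits, which is exactly the trust decision the thread is discussing, so only feed it output from a source you have audited.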
