[148466] in cryptography@c2.net mail archive


Re: [Cryptography] Fwd: [IP] 'We cannot trust' Intel and

daemon@ATHENA.MIT.EDU (Nemo)
Sun Dec 15 15:33:01 2013

X-Original-To: cryptography@metzdowd.com
From: Nemo <nemo@self-evident.org>
To: cryptography@metzdowd.com
Date: Sun, 15 Dec 2013 08:16:20 -0800
In-Reply-To: <86CC5021-CF61-4F42-83F3-C7CBC741C414@gmail.com> (John Kelsey's
	message of "Fri, 13 Dec 2013 13:24:21 -0500")
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

John Kelsey <crypto.jmk@gmail.com> writes:

> Why not just XOR RD_RAND outputs with Yarrow outputs?

Linux /dev/urandom already XORs against RDRAND, but using its own
homegrown hand-waving entropy collector instead of Yarrow.

> That guarantees strong results if either one is good.

"Guarantees" is perhaps too strong a word should Intel turn out to be an
adversary.

http://blog.lvh.io/blog/2013/10/19/thoughts-on-rdrand-in-linux/

http://pastebin.com/A07q3nL3

 - Nemo
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
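As an added illustration (not from the thread, the kernel, or Yarrow), here is a toy Python model of XOR-combining a pool word with a hardware-source word. It shows Kelsey's "strong if either one is good" holding for a worthless but independent source and failing for the hypothetical dependent source Nemo's caveat refers to; the source names (`honest_hw`, `broken_blind_hw`, `observing_adversary_hw`) and the pool-as-fresh-random simplification are assumptions of this model.

```python
import os

# Added model of the combiner discussed above, not kernel code: a pool word
# is XORed with a hardware-source word, as Linux does with RDRAND output.
def xor_combine(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Three hypothetical hardware sources. Each is handed the pool word it will
# be combined with only so the model can express dependence; an honest or
# blind source ignores it.
def honest_hw(pool_word: bytes) -> bytes:
    # Independent, good randomness (OS randomness stands in for a good RDRAND).
    return os.urandom(len(pool_word))

def broken_blind_hw(pool_word: bytes) -> bytes:
    # Worthless but independent: constant zeros, never looks at the pool.
    return bytes(len(pool_word))

def observing_adversary_hw(pool_word: bytes) -> bytes:
    # Not independent: a source that can see the pool word and echoes it,
    # so the XOR cancels to all zeros. This is the case "guarantees" ignores.
    return pool_word

def combined_outputs(hw, n: int = 2000, width: int = 4) -> list:
    """Draw n combined outputs from a fresh random pool word and the given source."""
    outs = []
    for _ in range(n):
        pool_word = os.urandom(width)   # the pool itself is modelled as good
        outs.append(xor_combine(pool_word, hw(pool_word)))
    return outs

def distinct_count(outs: list) -> int:
    """Crude health check: 2000 draws of 32 bits should have essentially no repeats."""
    return len(set(outs))

if __name__ == "__main__":
    for name, hw in [("honest", honest_hw),
                     ("broken-but-blind", broken_blind_hw),
                     ("observing adversary", observing_adversary_hw)]:
        print(f"{name:20s} distinct outputs: {distinct_count(combined_outputs(hw))}/2000")
```

The distinct-output count is only a coarse sanity check; a dependent source could bias the stream in ways no output-only statistic detects, which is why the argument rests on independence rather than on testing.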
