Linux 3.15 Random To Support Intel's RDSEED

  • Linux 3.15 Random To Support Intel's RDSEED

    Phoronix: Linux 3.15 Random To Support Intel's RDSEED

    The Linux 3.15 kernel's /dev/random implementation will feature a new instruction of Intel's upcoming Broadwell processors...

    http://www.phoronix.com/vr.php?view=MTY1NDY

  • #2
    Originally posted by phoronix
    Phoronix: Linux 3.15 Random To Support Intel's RDSEED

    The Linux 3.15 kernel's /dev/random implementation will feature a new instruction of Intel's upcoming Broadwell processors...

    http://www.phoronix.com/vr.php?view=MTY1NDY
    I had asked about how Intel's RDRAND could possibly compromise entropy on StackExchange a while ago. Maybe it will be of interest to anyone seeing this article: http://crypto.stackexchange.com/ques...romise-entropy

    • #3
      Fine, as it won't be the only source for randomness to be used...

      • #4
        Since this chip was designed way before Snowden happened, this instruction most probably has nothing to do with randomness.

        • #5
          Is it fully 100% NSA compliant?

          • #6
            the RDSEED instruction is supported with Broadwell hardware for seeding /dev/random.
            There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.

            • #7
              Originally posted by Szzz
              There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.
              You can seed /dev/random. In a sense, it is actually seeded by environmental noise. A hardware generator can be used to get the required entropy faster, especially early after boot, even more so on predictably functioning machines.

              • #8
                Linus has already gone over this multiple times. /dev/random and /dev/urandom aren't seeded by a single source. They get used as one of many sources so even if one source is bad, the "bad" gets flushed out by the added entropy from other sources.

                • #9
                  Originally posted by droidhacker
                  Is it fully 100% NSA compliant?
                  I should think so.

                  But how to tell...?

                  • #10
                    Originally posted by Szzz
                    There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.
                    /dev/random is also a pseudo-random number generator. It's not safe to use the unconditioned entropy because it has varying quality so it's not exposed.

                    http://www.2uo.de/myths-about-urandom/

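
The mixing argument made in posts #8 and #10, as an added example that is not part of the thread and not the kernel's code: a simplified SHA-256 pool in which one input is known to an observer and another is not. `ToyPool`, `output`, `demo`, the source labels and the sample inputs are all made up for illustration, and the model assumes the known source cannot see the other inputs.

```python
import hashlib
import os


class ToyPool:
    """Simplified hash-based pool: a model of mixing, not the kernel's algorithm."""

    def __init__(self):
        self.state = bytes(32)

    def mix(self, label: bytes, data: bytes) -> None:
        # New input is folded into the old state, never written over it,
        # so anything unknown that went in earlier stays in.
        h = hashlib.sha256(self.state)
        h.update(len(label).to_bytes(1, "big") + label)
        h.update(len(data).to_bytes(4, "big") + data)
        self.state = h.digest()

    def extract(self) -> bytes:
        # Derive output from the state, then advance the state so one
        # output does not give away the next.
        out = hashlib.sha256(b"out" + self.state).digest()
        self.state = hashlib.sha256(b"next" + self.state).digest()
        return out


def output(sources) -> bytes:
    """Mix (label, data) pairs in order and return the first 32 output bytes."""
    pool = ToyPool()
    for label, data in sources:
        pool.mix(label, data)
    return pool.extract()


def demo() -> dict:
    hw = bytes(32)            # constructed: hardware source whose output an observer knows
    noise = os.urandom(32)    # stand-in for timing noise the observer cannot see
    # Case 1: the known source is the only input, so the observer can recompute it.
    hw_only_predicted = output([(b"hw", hw)]) == output([(b"hw", hw)])
    # Case 2: same known source, mixed after unseen noise; the observer's
    # recomputation without the noise no longer matches.
    real = output([(b"timing", noise), (b"hw", hw)])
    guess = output([(b"timing", b""), (b"hw", hw)])
    return {"hw_only_predicted": hw_only_predicted, "mixed_predicted": real == guess}


if __name__ == "__main__":
    print(demo())
```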