Linux 3.15 Random To Support Intel's RDSEED

  • Linux 3.15 Random To Support Intel's RDSEED

    Phoronix: Linux 3.15 Random To Support Intel's RDSEED

    The Linux 3.15 kernel's /dev/random implementation will feature a new instruction of Intel's upcoming Broadwell processors...

    http://www.phoronix.com/vr.php?view=MTY1NDY

  • #2
    Originally posted by phoronix
    Phoronix: Linux 3.15 Random To Support Intel's RDSEED

    The Linux 3.15 kernel's /dev/random implementation will feature a new instruction of Intel's upcoming Broadwell processors...

    http://www.phoronix.com/vr.php?view=MTY1NDY
    I had asked about how Intel's RDRAND could possibly compromise entropy on StackExchange a while ago. Maybe it will be of interest to anyone seeing this article: http://crypto.stackexchange.com/ques...romise-entropy


    • #3
      Fine, as it won't be the only source for randomness to be used...


      • #4
        Since this chip was designed way before Snowden happened, this instruction most probably has nothing to do with randomness.


        • #5
          Is it fully 100% NSA compliant?


          • #6
            the RDSEED instruction is supported with Broadwell hardware for seeding /dev/random.
            There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.


            • #7
              Originally posted by Szzz
              There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.
              You can seed /dev/random. In a sense, it is actually seeded by environmental noise. A hardware generator can be used to get the required entropy faster, especially early after boot, even more so on predictably functioning machines.


              • #8
                Linus has already gone over this multiple times. /dev/random and /dev/urandom aren't seeded by a single source. They get used as one of many sources so even if one source is bad, the "bad" gets flushed out by the added entropy from other sources.
                All opinions are my own not those of my employer if you know who they are.
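The claim in post #8, that a bad source is one of many inputs and does not decide the output, shown as an added example that is not part of the thread and is not the kernel's code. `ToyPool`, the source labels and all sample bytes are constructed for illustration; SHA-256 stands in for the kernel's real mixing and extraction functions.

```python
import hashlib


class ToyPool:
    """Simplified hash-based entropy pool (assumption: not the kernel's algorithm)."""

    def __init__(self):
        self.state = bytes(32)

    def mix(self, source: str, sample: bytes) -> None:
        # Fold the sample into the existing state. Fields are length-prefixed
        # so two different (source, sample) pairs can never hash identically.
        h = hashlib.sha256(self.state)
        for field in (source.encode(), sample):
            h.update(len(field).to_bytes(4, "big"))
            h.update(field)
        self.state = h.digest()

    def extract(self, n: int = 16) -> bytes:
        # Output is derived from the state, then the state is stepped forward
        # so that the bytes handed out do not reveal the pool contents.
        out = hashlib.sha256(b"out" + self.state).digest()[:n]
        self.state = hashlib.sha256(b"next" + self.state).digest()
        return out


def extract_with(hw_sample: bytes, timing_sample: bytes) -> bytes:
    """Mix one hardware sample and one environmental sample, then extract."""
    pool = ToyPool()
    pool.mix("hwrng", hw_sample)                 # stands in for RDSEED output
    pool.mix("interrupt-timing", timing_sample)  # stands in for environmental noise
    return pool.extract()


def distinct_outputs(hw_sample: bytes) -> int:
    """Count distinct outputs over 256 constructed timing samples."""
    return len({extract_with(hw_sample, bytes([t])) for t in range(256)})


# Constructed "bad" hardware source: always returns zeros, fully known to an observer.
BAD_HW = bytes(8)

if __name__ == "__main__":
    # Every timing value still yields a different output despite the bad source.
    print(distinct_outputs(BAD_HW), "distinct outputs from 256 timing samples")
```
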


                • #9
                  Originally posted by droidhacker
                  Is it fully 100% NSA compliant?
                  I should think so.

                  But how to tell...?


                  • #10
                    Originally posted by Szzz
                    There is no seed for /dev/random, as it is intended to be 100% true random. Seeding is for pseudorandom number generators.
                    /dev/random is also a pseudo-random number generator. It's not safe to use the unconditioned entropy because it has varying quality so it's not exposed.

                    http://www.2uo.de/myths-about-urandom/