Announcement

Collapse
No announcement yet.

Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • RavFX
    replied
    Originally posted by kpedersen View Post
    It is a very sad state of affairs when we don't trust the people we *have* to rely on. Doesn't that more make them our captors than our vendors?

    We *really* need a truly open-source hardware stack!
    That will change nothing to the current situation, except if you actually own the fabs required to manufacture all the parts and supervise or control everything in the production process.

    With an open source hardware stack, it allow NSA, CSIS & friend to study the actual hardware implementation so they can provide a nice hardware patch for the CPU to add some backdoor. Then they send these patch to TSMC and friends with a couple thousand bitcoins and voila! Better backdoor in your "open" CPU, better and more performing backdoor than what you can get in closed hardware where they need to spy in the internal and try to reverse engineer said hardware and then hide the hardware modification without being caught.

    Leave a comment:


  • schmidtbag
    replied
    Here's what I don't get: why do people continue to make such a big fuss out of random number generators? It seems at least once per year I hear about someone saying the existing method isn't good enough. And yet, is there actually any realistic proof of that? Yes, I understand they can be predicted, but how often has this been exploited in the real world, or, how easily could it be exploited? The way I see it, if someone is really that anal over having the most secure and random number possible, there are plenty of hardware number generators out there. Spending $100 or so for peace of mind is not that big of an expense, especially in the server market (where this is the most relevant). I'd much rather the kernel level random number generator be fast and useful for non-security related programs.
    That being said - I'm a little bit surprised modern server motherboards aren't more commonly equipped with integrated random number generators.

    I don't necessarily disagree with Ts'o's comments, but I question how much it's actually worth concerning over.

    Leave a comment:


  • kpedersen
    replied
    It is a very sad state of affairs when we don't trust the people we *have* to rely on. Doesn't that more make them our captors than our vendors?

    We *really* need a truly open-source hardware stack!

    Leave a comment:


  • mb_q
    replied
    This is so terribly stupid; there are tons of uses for even a non-trusted but fast HWRNG, like rendering, machine learning, scientific/business simulations; register-access latency class RNG with infinite cycle and no dumb artefacts would be groundbreaking.

    But no, RDRAND must be for 'security', so it is wrapped in some kind of a hardware PRNG and thus slower than many software PRNGS. On the other hand, while it most likely has no backdoor (it is literally the worse possible place in a CPU to put such), it cannot be ever trusted by anyone sane because it is perfectly closed.

    Such a waste.

    Leave a comment:


  • Adarion
    replied
    As far as I know it's been relatively few, I only recall Loongson. Now there are a few more coming in the x86 area, the AMD dervied one(s) and via VIA's x86 license.

    there are also some "external" HWRNGs.
    https://en.wikipedia.org/wiki/Compar...ber_generators
    There are 4 open designs. Not that much. Those should be more trustable (after reviews). Otoh, there is still a lot of closed hardware (and SW/FW) in most systems anyway, so it's just lowering the risk amount, not eliminating them entirely.
    Last edited by Adarion; 16 August 2018, 07:22 AM.

    Leave a comment:


  • some_canuck
    replied
    Tso doesn't seem to know that China already makes their own CPUs.

    Leave a comment:


  • Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators?

    Phoronix: Linux Kernel Diverts Question To Distros: Trust CPU Hardware Random Number Generators?

    In a controversial move, the Linux kernel will be pushing the question off to distribution vendors on whether to put trust in CPU hardware random number generators...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
Working...
X