Announcement

Collapse
No announcement yet.

Linux's RNG Code Continues Modernization Effort With v5.19

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux's RNG Code Continues Modernization Effort With v5.19

    Phoronix: Linux's RNG Code Continues Modernization Effort With v5.19

    Security researcher Jason Donenfeld known as the founder of the WireGuard project has recently been focused on modernizing the Linux kernel's random number generator (RNG/random) code. With the Linux 5.19 kernel there is yet more work landing...

    https://www.phoronix.com/scan.php?pa...Linux-5.19-RNG

  • #2
    Hot damn. I wish all commits came with an essay like that.

    Comment


    • #3
      Hello and Aloha,

      I was convinced that both /dev/{u, }random performed the same task, as non-blocking character devices, even the throughput was exceptionally high, with some rise and fall fluctuations I achieved 110MB/s even on a system that has no cryptographic routines. I have some thoughts about that and the current state-of-the-art of counting system 'jitter' and other 'entropy' harvesting techniques that I presumed were in a (re)seeding mixing scheme of 'entropy' mixing with high quality cryptographic re-hashing as output of that.

      I only recently wrote an article about having a non-blocking interactive character device /dev/entropy to have an accounting [re]-seeding facility that can be configured for different re-seeding strategies to serve the 'entropy' from isolated 'pools of entropy' (short lived TTL ring buffers) to generators , the idea was to de-correlate these and oother sources as much as possible as to further harden the system. Such a facility would aid development and upgrade of current generators but I wanted to do more with the device , because I expect that NIST will have new conformance recommendations ready for the existing 'binary alphabet' bound methods.

      I envisioned the /dev/entropy device to have an interactive stream designer, to enable (new, existing) generators to have delta-streams in secured output, this could be a significant gain for QKD preparedness and development, as delta-streams may serve 'symbol' space expansion and multiplexing (by wavelength division) on the transport layer.

      I also worked on a method and model to have these definitions and configurations encapsulated as highly secured system assets oof which some can be made persistant in a secure function domain. I was inspired by Covid-19 with a hypothese how Covid has this 'offset' memory. Silly eh

      Well, I hope to hear from you what you think,
      thank you for your time and work
      regards, Edwin

      Comment

      Working...
      X