A New /dev/random Is Still Being Worked On

  • A New /dev/random Is Still Being Worked On

    Phoronix: A New /dev/random Is Still Being Worked On

    Stephan Müller has announced the newest version of his patches for implementing a new /dev/random implementation he calls the Linux Random Number Generator, or LRNG for short...

    http://www.phoronix.com/scan.php?pag...dom-Linux-4.11

  • #2
    This needs peer review. There is significant interest from people to subvert and weaken the (CS)PRNG.
    Agencies also have experts in kleptocryptography who may suggest designs which are designed to look benign and innocuous but cleverly subvert it.
    It is also a very difficult field so it is tricky to get it right.

    • #3
      A random-number-generator-writer’s work is never done...

      • #4
        They really ought to steal OpenBSD's arc4random properly.

        • #5
          No replies on the kernel mailing list. Interesting. Frankly I always love people who think they can create randomness out of thin air. Oooh... wait a minute... air... air is pretty random. Hmmm....

          • #6
            Originally posted by cjcox
            No replies on the kernel mailing list. Interesting. Frankly I always love people who think they can create randomness out of thin air. Oooh... wait a minute... air... air is pretty random. Hmmm....
            I love the idea of someone attacking the entropy pool through blowing air at a machine.

            • #7
              Wow, that was the first comment ever I've had that got unapproved. Now I no longer feel special.

              • #8
                Originally posted by uid313
                This needs peer review. There is significant interest from people to subvert and weaken the (CS)PRNG.
                Agencies also have experts in kleptocryptography who may suggest designs which are designed to look benign and innocuous but cleverly subvert it.
                It is also a very difficult field so it is tricky to get it right.
                Of course. The results should be verified by a third party and the code should be vetted, but one should remember to never let perfect be the enemy of good, even in these situations where perfect is the only acceptable long-term goal. The current implementation does have serious issues in modern environments because most sources of entropy are simply missing on many systems today.

                Originally posted by cjcox
                No replies on the kernel mailing list. Interesting. Frankly I always love people who think they can create randomness out of thin air. Oooh... wait a minute... air... air is pretty random. Hmmm....
                This is a very advanced subject, and even people who can make good comments on it need time to read, understand, test and make sure that things are what they appear to be.

                • #9
                  Originally posted by nanonyme
                  I love the idea of someone attacking the entropy pool through blowing air at a machine.
                  If someone manages to control an air stream well enough to fool entropy generators using half-modern sensors, attacking entropy pools will be by far the least dangerous thing they can do with that technology.

                  • #10
                    vBulletin is on a spree, I got blocked too (post above this).
