Linux Kernel Works To Make Better Random Reseeding

Written by Michael Larabel in Hardware on 15 December 2013 at 09:05 AM EST. 1 Comment
HARDWARE
While /dev/random was made faster and more random in Linux 3.13, in light of the NSA controversies and that Intel/VIA hardware encryption and random generators may not even be trustworthy, there's been a rework in how reseeding happens for the Linux kernel's random component.

Greg Price sent out a patch-set on Saturday that changes how re-seeing the non-blocking pool happens, which supplies /dev/urandom and the kernel's internal randomness needs.

Greg wrote, "The most important change is to make sure that the input entropy always comes in large chunks, what we've called a 'catastrophic reseed', rather than a few bits at a time with the possibility of producing output after every few bits. If we do the latter, we risk that an attacker could see the output (e.g. by watching us use it, or by constantly reading /dev/urandom), and then brute-force the few bits of entropy before each output in turn...After the whole series, our behavior at boot is to seed with whatever we have when first asked for random bytes, then hold out for seeds of doubling size until we reach the target (by default 512b estimated.) Until we first reach the minimum reseed size (128b by default), all input collected is exclusively for the nonblocking pool and /dev/random readers must wait."

More details on this random re-seeding rework for the Linux kernel can be found on the kernel mailing list and could appear in the Linux 3.14 kernel.
1 Comment
Related News
Fwupd 1.8.10 Released With New Hardware Support, Faster Startup On ChromeOS
IBM Looks To Squeeze Support For Future Power "Dense Math" CPUs Into GCC 13
XP-PEN Deco 01 V2 Drawing Tablet Support Added To Linux 6.2
Linux 6.3 To Support Pluton's CRB TPM2 On AMD Ryzen CPUs
Aspeed ACRY Engine Driver On Deck For Linux 6.3 To Speed-Up ECDSA/RSA
Hardware Monitoring Sensor Driver Additions Begin Queuing For Linux 6.3
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Firefox 109 vs. Chrome 109 Browser Benchmarks On Ubuntu Linux + Core i9 13900K
helloSystem 0.8 Released As macOS Inspired FreeBSD Desktop OS
Linux 6.2-rc5 Released - The Kernel Will Most Likely Be Extended Through 6.2-rc8
Wine 8.0 Released With PE Conversion Complete, Progress On WoW64 Support
AMD Zen 4 SMBA & BMEC Features Still Working Their Way To The Linux Kernel
AMDGPU Linux 6.3 Addition To Help With Optimized Buffer Placement
More Improvements Come To KDE Plasma Wayland, KF6 Development Enters Next Phase
Microsoft Releases WinGet 1.4 For Improving Its Open-Source Package Manager