[cryptography] [liberationtech] Heml.is - "The Beautiful & Secure Messenger"

Eugen Leitl eugen at leitl.org
Fri Jul 12 10:20:55 EDT 2013


----- Forwarded message from Matt Mackall <mpm at selenic.com> -----

Date: Thu, 11 Jul 2013 17:34:48 -0500
From: Matt Mackall <mpm at selenic.com>
To: liberationtech <liberationtech at lists.stanford.edu>
Subject: Re: [liberationtech] Heml.is - "The Beautiful & Secure Messenger"
X-Mailer: Evolution 3.4.4-1
Reply-To: liberationtech <liberationtech at lists.stanford.edu>

On Thu, 2013-07-11 at 13:47 -0700, Andy Isaacson wrote:
> > Linux now also uses a closed RdRand [2] RNG if available.
> 
> There was a bunch of churn when this code went in, so I could be wrong,
> but I believe that RdRand is only used to stir the same entropy pool as
> all of the other inputs which are used to generate random data for
> /dev/random et al.  It's hard to leverage control of one input to a
> random pool into anything useful.

It's worth noting that the maintainer of record (me) for the Linux RNG
quit the project about two years ago precisely because Linus decided to
include a patch from Intel to allow their unauditable RdRand to bypass
the entropy pool over my strenuous objections.

>From a quick skim of current sources, much of that has recently been
rolled back (/dev/random, notably) but kernel-internal entropy users
like sequence numbers and address-space randomization appear to still be
exposed to raw RdRand output.

(And in the meantime, my distrust of Intel's crypto has moved from
"standard professional paranoia" to "actual legitimate concern".)

-- 
Mathematics is the supreme nostalgia of our time.


--
Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5


More information about the cryptography mailing list