[cryptography] on using RDRAND [was: Entropy improvement: haveged + rngd together?]

coderman coderman at gmail.com
Mon Dec 2 14:17:32 EST 2013


On Sun, Dec 1, 2013 at 12:27 PM,  <dj at deadhat.com> wrote:
> ...
> I would not characterize the Linux RNG issue as "fully resolved" in any
> way. Until every CPU maker includes a source of entropy by design (instead
> of by accident).


for my own uses, and what i feel reasonable requirements, i would
agree that Linux is not usable without a hardware entropy source.
userspace entropy collectors without hardware entropy are useful and
complementary but not alone sufficient.

the lack of pervasive hardware entropy sources is the most frustrating
aspect, and the slowest to make progress.  i like Marsh Ray's earlier
descriptive story[0] of the current paralysis in this sense, even if a
cop out and inexcusable when employed by vendors and chip designers.

the work that you have done to make hardware entropy sources readily
available in Intel chips should be commended, and i certainly
appreciate it.  i will however continue to complain until it is even
better, with configurable access to the raw entropy samples for those
who wish to evaluate or run the TRNG in this mode.

best regards,


0. "[cryptography] Duplicate primes in lots of RSA moduli" - Marsh Ray
Wed Feb 22 16:55:39 EST 2012
  http://lists.randombit.net/pipermail/cryptography/2012-February/002438.html
"""
I'm putting myself in the position of an engineer who's designing the
logic and writing some low-level firmware for the next consumer grade
$50 blue box home router/wifi/firewall appliance:...
"""


More information about the cryptography mailing list