[cryptography] [liberationtech] Random number generator failure in Raspberry Pis?
dj at deadhat.com
Fri Jul 19 21:34:24 EDT 2013

On 7/19/2013 3:26 PM, Nico Williams wrote:
> The rpi's HW RNG is almost certainly better than many /dev/*random
> implementations running as VM guests. How much real business is
> getting transacted on VMs nowadays? Probably a lot.

This probably sounds like a plug for my employer, which it isn't, but
the RdRand instruction was done the way it was done to punch through the
VM and deliver random numbers directly to the running application,
bypassing all those layers of software. Unfortunately VMs came first, so
there's an entropy gap on servers that should be addressed. You still
trust the VM not to meddle with it, but if you don't trust the VM, you
have bigger problems.

I have no reason to doubt the rpi's RNG (I have a clue about its circuit
structure) but I also know that if it matters, you should probably do
some testing of the random numbers before you trust the source, because
no one else is testing it for you.
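
The following is an added example, not part of the original message: a minimal version of the kind of source testing mentioned above, using the two continuous health tests from NIST SP 800-90B (Repetition Count Test and Adaptive Proportion Test), a technique chosen here rather than one the author names. It assumes a claimed min-entropy of 4 bits per byte and runs on constructed sample data; on a Pi the bytes would instead be read from the hardware RNG device (typically `/dev/hwrng`). These tests only catch gross failures such as a stuck or heavily biased source.

```python
import hashlib
import math

ALPHA = 2.0 ** -20   # per-test false-positive rate (value suggested by SP 800-90B)
WINDOW = 512         # APT window size for non-binary samples

def rct_cutoff(h):
    """Repetition Count Test cutoff for a claimed min-entropy of h bits/sample."""
    return 1 + math.ceil(20 / h)

def apt_cutoff(h, w=WINDOW):
    """APT cutoff: 1 + smallest k with P[Binomial(w, 2^-h) <= k] >= 1 - ALPHA."""
    p, cdf = 2.0 ** -h, 0.0
    for k in range(w + 1):
        cdf += math.comb(w, k) * p ** k * (1 - p) ** (w - k)
        if cdf >= 1 - ALPHA:
            return k + 1
    return w + 1

def health_check(data, h):
    """Return (rct_ok, apt_ok) for a byte string from the source under test."""
    rc, ac = rct_cutoff(h), apt_cutoff(h)
    rct_ok, run = True, 1
    for prev, cur in zip(data, data[1:]):
        run = run + 1 if cur == prev else 1   # length of the current repeat run
        if run >= rc:
            rct_ok = False
            break
    apt_ok = True
    for start in range(0, len(data) - WINDOW + 1, WINDOW):
        win = data[start:start + WINDOW]
        if win.count(win[0]) >= ac:           # first sample is too frequent
            apt_ok = False
            break
    return rct_ok, apt_ok

def constructed_stream(n):
    """Constructed stand-in for a healthy source: SHA-256 in counter mode."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

H_CLAIM = 4                                   # assumed claim, bits per byte
GOOD = constructed_stream(4096)               # constructed sample data
STUCK = b"\xa5" * 4096                        # constructed: output stuck at one value
BIASED = bytes(0 if i % 2 == 0 else b for i, b in enumerate(GOOD))  # half zeros

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("stuck", STUCK), ("biased", BIASED)):
        print(name, health_check(sample, H_CLAIM))
```

Passing both tests says nothing about unpredictability; a deterministic stream like the constructed "good" sample passes, which is why such checks complement, and do not replace, knowledge of the source's design.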