[cryptography] Quality of HAVEGE algorithm for entropy?

coderman coderman at gmail.com
Tue Nov 26 17:33:54 EST 2013


On Tue, Nov 26, 2013 at 10:09 AM, Joachim Strömbergson
<Joachim at strombergson.com> wrote:
> ...
> I have concerns though on embedded SSL stacks that use Havege as entropy
> source on MCUs such as AVR32 and ARM.
> ...
> On an x86-based server you can use Havege, but use it to feed
> /dev/random, not as a RNG directly. The same goes for Jytter.


good points!

haveged should work fine on StrongARM, A8, A9, XScale, anything with a
high res timer like ARM Cycle Counter (in place of TSC).

older ARM processors and x86 without high res TSC (pre-pentium?) will
have trouble.



and as mentioned, all entropy sources should feed into host entropy
pool via an entropy daemon that verifies entropy, mixes / compresses
it, and then feeds into host pool.
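
Added example, not part of the original message or of haveged: a sketch of the verify / compress / feed stages described above, in Python. The function names, the thresholds (min_bits, max_run, derate) and the sample inputs are assumptions made for illustration; RNDADDENTROPY is the Linux ioctl for crediting entropy to the kernel pool.

```python
import hashlib
import math
import random
import struct
from collections import Counter

RNDADDENTROPY = 0x40085203  # Linux ioctl: _IOW('R', 0x03, int[2])

def min_entropy_per_byte(samples: bytes) -> float:
    """Most-common-value estimate, -log2(p_max). A statistic, not a proof."""
    return math.log2(len(samples) / max(Counter(samples).values()))

def longest_run(samples: bytes) -> int:
    """Length of the longest run of one repeated byte (stuck-source check)."""
    best = run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best

def verify_and_compress(samples, min_bits=4.0, max_run=8, derate=0.5):
    """Verify raw samples, compress to a 32-byte seed, return (seed, credit_bits).
    min_bits, max_run and derate are assumed policy values, not from the post."""
    h = min_entropy_per_byte(samples)
    if longest_run(samples) > max_run or h < min_bits:
        raise ValueError(f"source rejected: {h:.2f} bits/byte estimated")
    seed = hashlib.sha256(samples).digest()
    # Never credit more than the hash can carry, and derate the estimate.
    return seed, min(256, int(h * len(samples) * derate))

def feed_host_pool(seed: bytes, credit_bits: int, path="/dev/random"):
    """Mix seed into the Linux pool and credit it (needs CAP_SYS_ADMIN)."""
    import fcntl  # Unix-only, imported here so the checks run anywhere
    req = struct.pack("ii", credit_bits, len(seed)) + seed  # rand_pool_info
    with open(path, "wb", buffering=0) as pool:
        fcntl.ioctl(pool, RNDADDENTROPY, req)

# Constructed inputs: a seeded PRNG stands in for timer-jitter samples
# (it has no real entropy), plus two failing sources.
_rng = random.Random(2013)
SAMPLE_OK = bytes(_rng.getrandbits(8) for _ in range(512))
SAMPLE_STUCK = bytes([0x41]) * 512
SAMPLE_TOGGLE = bytes([0x01, 0x02]) * 256

if __name__ == "__main__":
    for name, s in [("ok", SAMPLE_OK), ("stuck", SAMPLE_STUCK), ("toggle", SAMPLE_TOGGLE)]:
        try:
            print(name, verify_and_compress(s)[1], "bits credited")
        except ValueError as e:
            print(name, e)
```

The seeded-PRNG sample passes both checks despite carrying no real entropy, which is why the credit is derated and capped rather than taken from the estimate directly.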

