[cryptography] Enranda: 4MB/s Userspace TRNG

Steve Weis steveweis at gmail.com
Tue May 26 23:28:17 EDT 2015


On Tue, May 26, 2015 at 7:27 PM, Russell Leidich <pkejjy at gmail.com> wrote:

> Unfortunately, that page doesn't provide insights as to why that piece of
> advice was issued.
>
> On Wed, May 27, 2015 at 2:11 AM, Naveen Nathan <naveen at lastninja.net>
> wrote:
>
>> Avoid: userspace random number generators, havaged, prngd, egd,
>> /dev/random.
>> Source: https://gist.github.com/tqbf/be58d2d39690c3b366ad
>
>
The author Thomas Ptacek has a longer post on why people should just use
/dev/urandom:
http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/

Relying solely on the TSC seems like a bad idea because: 1) userspace
access may be disabled for security purposes with the TSD bit 2) TSC
measurements may be influenced by processes on other cores able to induce
SMIs.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20150526/086e99ea/attachment.html>


More information about the cryptography mailing list