[cryptography] Kernel space vs userspace RNG
kevinsisco61784 at gmail.com
Thu May 5 14:13:06 EDT 2016
I personally feel that this is overkill. However, it is always a good
idea to cover all of your bases so I would never say that it's a bad
idea. One can never be too secure!
On 5/5/2016 5:40 AM, shawn wilson wrote:
> Just reflecting on the Linux RNG thread a bit ago, is there any
> technical reason to have RNG in kernel space? There are things like
> haveged which seem to work really well and putting or changing code in
> any kernel can be a bit of a battle (as it should be with code as
> complex as that involving crypto - wouldn't want people missing an
> exploit your new system exposes and accepting it*). So I wonder what
> the gain is for putting RNGs in the kernel.
> The only argument I can think of against this is non-technical - if
> you rely on users to pick their RNG implementation, they are liable to
> get it wrong. This may be valid but I'm still curious about the
> technical reasons for RNG in kernel space.
> Also, if kernel space is really necessary, I'd think publishing as a
> dkms type package would gain more traction for getting into mainline
> (but this is probably OT here)
> * Obviously that same argument can be made of userspace programs but
> I'd much prefer my exploits happen at a less privileged ring whenever
> possible :)