Intel 810 Random Number Generator
Sandy Harris
sandy en storm.ca
Lun Ene 24 04:26:36 CST 2000
Jeff Garzik wrote:
> Is it feasible to offer a compile-time option which simply replaces
> /dev/random?
Methinks that would be an error. You'd be trusting the RNG too much.
Use it as an input to /dev/random by all means, but not as a
replacement.
There are lots of non-Intel CPUs out there, and Intel chipsets
without the RNG. How do you ensure no one will ever compile with the
wrong switches, or that the system remains secure if they do?
I'm not sure we are on publication and analysis of the design, which
is essential before it can be trusted for security-critical functions.
Even a thorough analysis of a published design, though, cannot catch
implementation errors (though testing should get most of them) or
(though only the really paranoid would fear this) carefully chosen
and carefully concealed trickery inserted into the masks by some
individual or section of Intel who have been bribed, blackmailed or
otherwise subverted by the forces of evil.
Nor can it prevent chip failures.
> I like the internal test, BTW.
So do I. But if the chip RNG has replaced /dev/random, what do we
do when it fails? put up a Blue Screen and tell the user to replace
the motherboard before rebooting?
On the other hand, if it fails when being used as an input to
/dev/random, we just stop taking its input and start worrying
about whether the other entropy sources we have are enough. If not,
the worst that happens is /dev/random blocking clients too long.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
Más información sobre la lista de distribución Ayuda