Intel 810 Random Number Generator

Jeremy Fitzhardinge jeremy en goop.org
Lun Ene 24 21:29:36 CST 2000


On 24-Jan-00 sottek wrote:
>#1 Make random.c export a function to the kernel that takes in raw
> random data and adds it to the entropy pool without doing any work on
> it. This is a trust issue, we have to assume that people in the kernel
> have better ways to mess with the machine than adding non-random data
> to the pool.

Well, adding non-random stuff to /dev/random's entropy pool won't decrease the
randomness of its output, but it may throw off its estimate of the available
entropy.  Even if someone does manage to get the i810 to generate
non-randomness, they still need to break /dev/random's bit-mixer to determine
the internal state to be able to predict its output.

I think having it inject randomness into the /dev/random pool directly (ie
without a user-mode component) seems like the cleanest solution.

        J

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



Más información sobre la lista de distribución Ayuda