Intel 810 Random Number Generator

Gregory Maxwell greg en linuxpower.cx
Lun Ene 24 21:48:20 CST 2000


On Mon, 24 Jan 2000, Jeff Garzik wrote:

> Frank v Waveren wrote:
> > Am I missing something here? I thought that you could mix all the non-random
> > numbers you want into the entropy pool (long live xor), and it will never make
> > the entropy worse? So I'd say mixing in the RNG won't do any harm, so why not?
> 
> Read the intro text in drivers/char/random.c...
> 
> If the RNG provides a lot more data than other entropy sources, it can
> throw things out of whack.

Thats beyond paranoia. 
The source mentions a malicious attacker, but if such an attacker has
control of the thermal generator in your system you have bigger problems.

If this is indeed a concern, perhaps a more secure 'stir-in' function in
needed.

Rember:

If X xor Y = Z, and Y has an uncertanty of zero then Z has the same
uncertanty of X.



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/



Más información sobre la lista de distribución Ayuda