Intel 810 Random Number Generator

[Helge Hafting]

> Controlling a thermal signature might be difficult, but making a
> backdoor at the chipset or even BIOS level is more feasible.
> 
> Paranoid yes, but it pays to be overparanoid when dealing /dev/random
> and similar
> 
>         Jeff
> 
So we can't trust the generator, so we can't
get a trustable estimate for its randomness.  But we assume
there is some randomness to be had.

The cure is simple - mix in data from that RNG, but assume
no entropy from it.  This won't throw off the
entropy estimate, but we'll get whatever entropy the device
is capable of.

Someone may analyze the thing and get a better (but
conservative) entropy estimate later, and get beter performance.

Helge Hafting

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo en vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/