Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Evgeniy Polyakov wrote:

On Thu, 2005-03-24 at 15:56 -0500, Jeff Garzik wrote:
See the earlier discussion, when data validation was -removed- from the original Intel RNG driver, and moved to userspace. 

I'm not arguing against userspace validation, but if data produced
_is_ cryptographically strong, why revalidate it again?


You cannot prove this without validating the data in software.

Otherwise, you are not handling the hardware-fault case.
It is foolish to presume that hardware always works correctly. It is -very- foolish to presume this, in cryptography. 



And how HIFN driver can contribute entropy?


Use the current chrdev->rngd method.
You may say, that hardware can be broken and thus produces wrong data, but if user want, it can turn it on or off.
The user cannot know the data is bad unless it is constantly being validated. 

	Jeff


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux