Evgeniy Polyakov wrote:
On Thu, 2005-03-24 at 15:56 -0500, Jeff Garzik wrote:See the earlier discussion, when data validation was -removed- from the original Intel RNG driver, and moved to userspace.I'm not arguing against userspace validation, but if data produced _is_ cryptographically strong, why revalidate it again?
You cannot prove this without validating the data in software. Otherwise, you are not handling the hardware-fault case.It is foolish to presume that hardware always works correctly. It is -very- foolish to presume this, in cryptography.
And how HIFN driver can contribute entropy?
Use the current chrdev->rngd method.
You may say, that hardware can be broken and thus produces wrong data, but if user want, it can turn it on or off.
The user cannot know the data is bad unless it is constantly being validated.
Jeff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Pavel Machek <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- References:
- [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: David McCullough <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: David McCullough <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Jeff Garzik <[email protected]>
- Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- From: Evgeniy Polyakov <[email protected]>
- [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Prev by Date: Re: Promise SX8 performance issues and CARM_MAX_Q
- Next by Date: Re: [PATCH scsi-misc-2.6 08/08] scsi: fix hot unplug sequence
- Previous by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Next by thread: Re: [PATCH] API for true Random Number Generators to add entropy (2.6.11)
- Index(es):