From: "Theodore Ts'o" <tytso@mit.edu>
To: "H. Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>,
Jeff Garzik <jgarzik@pobox.com>,
David Safford <safford@us.ibm.com>,
Leonidas Da Silva Barbosa <leosilva@linux.vnet.ibm.com>,
Ashley Lai <ashley@ashleylai.com>,
Rajiv Andrade <mail@srajiv.net>,
Marcel Selhorst <tpmdd@selhorst.net>,
Sirrix AG <tpmdd@sirrix.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Kent Yoder <key@linux.vnet.ibm.com>,
David Safford <safford@watson.ibm.com>,
Mimi Zohar <zohar@us.ibm.com>,
"Johnston, DJ" <dj.johnston@intel.com>
Subject: Re: TPMs and random numbers
Date: Wed, 11 Sep 2013 16:28:31 -0400
Message-ID: <20130911202831.GC13397@thunk.org>
In-Reply-To: <41ba2dff-12ed-4127-acbd-ae5b40e38afd@email.android.com>
On Wed, Sep 11, 2013 at 12:25:48PM -0700, H. Peter Anvin wrote:
> This of course has been a long-running debate. Similarly, we could
> make much better use of RDRAND if instead of doing data reduction in
> rngd we could feed it to the pool and just credit fractional bits.
> The FIPS tests that rngd runs are weak and obsoleted, but perhaps
> better than nothing (now when we don't shut down rngd due to false
> positives.)
/dev/urandom is using RDRAND already, and that's what most of the
applications which are generating ssh host keys, session keys, etc.,
are using.
/dev/random is using RDRAND as well, but we're not giving any entropy
credit, so it will take longer to get the necessary randomness to
generate a GPG key.
The reason why it would be good to use the TPM to fetch randomness is
(a) for pre-RDRAND capable x86 systems, and (b) for non-x86 platforms
that might be using a TPM which don't have a RDRAND function.
Also, in general, it's better to use as many entropy sources as
possible.
Cheers,
- Ted
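As an added example, not code from this thread, from rngd or from the kernel: the mechanism HPA's reply alludes to, feeding hardware RNG output into the kernel input pool with a fractional entropy credit through the RNDADDENTROPY ioctl, rather than letting the kernel mix it in with no credit at all. It assumes a Linux host, a TPM or other hardware RNG exposed as /dev/hwrng, and CAP_SYS_ADMIN for the ioctl; the 2-bits-per-byte credit is a constructed, deliberately conservative value.

```c
#include <fcntl.h>
#include <linux/random.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>

#define MAX_CHUNK 64 /* bytes read from the hardware RNG per submission */

/* Bits of entropy to credit for nbytes of input when each byte is trusted to
 * hold credit_per_byte bits (0..8): 8 is full trust, 2 is a 25% credit.
 * The kernel refuses credits above 8 bits per byte, so clamp. */
static int entropy_credit_bits(size_t nbytes, unsigned credit_per_byte)
{
    if (credit_per_byte > 8)
        credit_per_byte = 8;
    return (int)(nbytes * credit_per_byte);
}

/* Hand nbytes of src to the input pool via RNDADDENTROPY with a fractional
 * credit. fd is /dev/random opened for writing; the ioctl needs CAP_SYS_ADMIN.
 * Returns 0 on success, -1 on error (errno is set by malloc/ioctl). */
static int feed_pool(int fd, const unsigned char *src, size_t nbytes,
                     unsigned credit_per_byte)
{
    struct rand_pool_info *rpi = malloc(sizeof(*rpi) + nbytes);
    int rc;
    if (!rpi)
        return -1;
    rpi->entropy_count = entropy_credit_bits(nbytes, credit_per_byte);
    rpi->buf_size = (int)nbytes;
    memcpy(rpi->buf, src, nbytes);
    rc = ioctl(fd, RNDADDENTROPY, rpi);
    free(rpi);
    return rc < 0 ? -1 : 0;
}

int main(void)
{
    unsigned char buf[MAX_CHUNK];
    int hw = open("/dev/hwrng", O_RDONLY); /* assumed: TPM/other hw RNG node */
    int rnd = open("/dev/random", O_WRONLY);
    ssize_t n;
    if (hw < 0 || rnd < 0) { perror("open"); return 1; }
    n = read(hw, buf, sizeof buf);
    if (n <= 0) { perror("read"); return 1; }
    if (feed_pool(rnd, buf, (size_t)n, 2) < 0) { perror("RNDADDENTROPY"); return 1; }
    printf("fed %zd bytes, credited %d bits\n", n, entropy_credit_bits((size_t)n, 2));
    return 0;
}
```

Run as root on a box with /dev/hwrng; watch /proc/sys/kernel/random/entropy_avail rise by the credited amount, not by the full 8 bits per byte.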