From: "Stephan Müller" <smueller@chronox.de>
To: PrasannaKumar Muralidharan <prasannatsmkumar@gmail.com>
Cc: linux-samsung-soc@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
Arnd Bergmann <arnd@arndb.de>,
Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>,
linux-kernel@vger.kernel.org,
Krzysztof Kozlowski <krzk@kernel.org>,
Javier Martinez Canillas <javier@osg.samsung.com>,
Kukjin Kim <kgene@kernel.org>,
linux-crypto@vger.kernel.org, Matt Mackall <mpm@selenic.com>,
Olof Johansson <olof@lixom.net>,
"David S. Miller" <davem@davemloft.net>,
linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v3 1/3] crypto: hw_random - Add new Exynos RNG driver
Date: Mon, 27 Mar 2017 15:53:03 +0200 [thread overview]
Message-ID: <1564458.pWTRdRYEuG@positron.chronox.de> (raw)
In-Reply-To: <CANc+2y7USMcmZn9i75vQfnJB5ELRsej7KoBKQ-BORXxSOBW7Ng@mail.gmail.com>
Am Montag, 27. März 2017, 06:23:11 CEST schrieb PrasannaKumar Muralidharan:
Hi PrasannaKumar,
> > Oh my, if you are right with your first guess, this is a bad DRNG design.
> >
> > Just out of curiousity: what happens if a caller invokes the seed function
> > twice or more times (each time with the sufficient amount of bits)? What
> > is
> > your guess here?
>
> Should the second seed use the random data generated by the device?
A DRNG should be capable of processing an arbitrary amount of seed data. It
may be the case that the seed data must be processed in chunks though.
That said, it may be the case that after injecting one chunk of seed the
currently discussed RNG simply needs to generate a random number to process
the input data before another seed can be added. But that is pure speculation.
But I guess that can be easily tested: inject a known seed into the DRNG,
generate a random number, inject the same seed again and again generate a
random number. If both are identical (which I do not hope), then the internal
state is simply overwritten (strange DRNG design).
A similar test can be made to see whether a larger set of seed simply
overwrites the state or is really processed.
1. seed
2. generate random data
3. reset
4. seed with anther seed
5. generate random data
6. reset
7. seed with same data from 1
8. seed with same data from 2
9. generate random data
If data from 9 is identical to 2, then additional seed data is discarded ->
bad design. If data from 9 is identical to 5, then the additional data
overwrites the initial data -> bad DRNG design. If data from 9 neither matches
2 or 5, then all seed is taken -> good design.
Ciao
Stephan
next prev parent reply other threads:[~2017-03-27 13:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-25 16:26 [PATCH v3 0/3] crypto: hw_random - Add new Exynos RNG driver Krzysztof Kozlowski
2017-03-25 16:26 ` [PATCH v3 1/3] " Krzysztof Kozlowski
2017-03-26 15:20 ` PrasannaKumar Muralidharan
2017-03-26 16:01 ` Krzysztof Kozlowski
2017-03-26 16:05 ` Stephan Müller
2017-03-26 16:46 ` PrasannaKumar Muralidharan
2017-03-26 17:05 ` Stephan Müller
2017-03-26 18:09 ` Krzysztof Kozlowski
2017-03-26 17:11 ` Stephan Müller
2017-03-26 18:00 ` Krzysztof Kozlowski
2017-03-26 21:25 ` Stephan Müller
2017-03-27 4:23 ` PrasannaKumar Muralidharan
2017-03-27 13:53 ` Stephan Müller [this message]
2017-03-28 16:48 ` Krzysztof Kozlowski
2017-03-28 17:41 ` Stephan Müller
2017-03-28 17:43 ` Krzysztof Kozlowski
2017-03-25 16:26 ` [PATCH v3 2/3] ARM: exynos_defconfig: Enable Exynos RNG and user-space crypto API Krzysztof Kozlowski
2017-03-25 16:26 ` [PATCH v3 3/3] ARM: multi_v7_defconfig: " Krzysztof Kozlowski
2017-03-25 16:32 ` [PATCH v3 0/3] crypto: hw_random - Add new Exynos RNG driver Stephan Müller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1564458.pWTRdRYEuG@positron.chronox.de \
--to=smueller@chronox.de \
--cc=arnd@arndb.de \
--cc=b.zolnierkie@samsung.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=javier@osg.samsung.com \
--cc=kgene@kernel.org \
--cc=krzk@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-samsung-soc@vger.kernel.org \
--cc=mpm@selenic.com \
--cc=olof@lixom.net \
--cc=prasannatsmkumar@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).