From: "H. Peter Anvin" <hpa@linux.intel.com>
To: Stephan Mueller <smueller@chronox.de>
Cc: herbert@gondor.apana.org.au, Ted Tso <tytso@mit.edu>,
sandyinchina@gmail.com,
Jason Cooper <cryptography@lakedaemon.net>,
John Denker <jsd@av8n.com>, Joe Perches <joe@perches.com>,
Pavel Machek <pavel@ucw.cz>, George Spelvin <linux@horizon.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v6 0/5] /dev/random - a new approach
Date: Tue, 16 Aug 2016 15:28:45 -0700 [thread overview]
Message-ID: <2f43d23f-5fbe-9653-fc1c-489db1c7bde4@linux.intel.com> (raw)
In-Reply-To: <2672856.NsbgmUcCJx@tauon.atsec.com>
On 08/15/16 22:45, Stephan Mueller wrote:
> Am Montag, 15. August 2016, 13:42:54 CEST schrieb H. Peter Anvin:
>
> Hi H,
>
>> On 08/11/16 05:24, Stephan Mueller wrote:
>>> * prevent fast noise sources from dominating slow noise sources
>>>
>>> in case of /dev/random
>>
>> Can someone please explain if and why this is actually desirable, and if
>> this assessment has been passed to someone who has actual experience
>> with cryptography at the professional level?
>
> There are two motivations for that:
>
> - the current /dev/random is compliant to NTG.1 from AIS 20/31 which requires
> (in brief words) that entropy comes from auditible noise sources. Currently in
> my LRNG only RDRAND is a fast noise source which is not auditible (and it is
> designed to cause a VM exit making it even harder to assess it). To make the
> LRNG to comply with NTG.1, RDRAND can provide entropy but must not become the
> sole entropy provider which is the case now with that change.
>
> - the current /dev/random implementation follows the same concept with the
> exception of 3.15 and 3.16 where RDRAND was not rate-limited. In later
> versions, this was changed.
>
I'm not saying it should be *sole*. I am questioning the value in
limiting it, as it seems to me that it could only ever produce a worse
result.
-hpa
next prev parent reply other threads:[~2016-08-16 22:28 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-11 12:24 [PATCH v6 0/5] /dev/random - a new approach Stephan Mueller
2016-08-11 12:24 ` [PATCH v6 1/5] crypto: DRBG - externalize DRBG functions for LRNG Stephan Mueller
2016-08-11 12:25 ` [PATCH v6 2/5] random: conditionally compile code depending on LRNG Stephan Mueller
2016-08-11 12:25 ` [PATCH v6 3/5] crypto: Linux Random Number Generator Stephan Mueller
2016-08-11 12:26 ` [PATCH v6 4/5] crypto: LRNG - enable compile Stephan Mueller
2016-08-11 13:50 ` kbuild test robot
2016-08-11 14:03 ` Stephan Mueller
2016-08-11 12:26 ` [PATCH v6 5/5] crypto: LRNG - add ChaCha20 support Stephan Mueller
2016-08-11 21:36 ` [PATCH v6 0/5] /dev/random - a new approach Theodore Ts'o
2016-08-12 9:34 ` Stephan Mueller
2016-08-12 19:22 ` Theodore Ts'o
2016-08-15 6:13 ` Stephan Mueller
2016-08-15 15:00 ` Theodore Ts'o
2016-08-17 21:42 ` Pavel Machek
2016-08-18 17:27 ` Theodore Ts'o
2016-08-18 18:39 ` Pavel Machek
2016-08-19 2:49 ` Theodore Ts'o
2016-08-19 5:56 ` Herbert Xu
2016-08-19 17:20 ` H. Peter Anvin
2016-08-21 3:14 ` Herbert Xu
2016-08-19 7:48 ` Pavel Machek
2016-08-15 20:42 ` H. Peter Anvin
2016-08-16 5:45 ` Stephan Mueller
2016-08-16 22:28 ` H. Peter Anvin [this message]
2016-08-16 22:49 ` H. Peter Anvin
2016-08-17 5:21 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2f43d23f-5fbe-9653-fc1c-489db1c7bde4@linux.intel.com \
--to=hpa@linux.intel.com \
--cc=cryptography@lakedaemon.net \
--cc=herbert@gondor.apana.org.au \
--cc=joe@perches.com \
--cc=jsd@av8n.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@horizon.com \
--cc=pavel@ucw.cz \
--cc=sandyinchina@gmail.com \
--cc=smueller@chronox.de \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).