On Mon, Mar 22, 2021 at 11:37 AM Muni Sekhar <munisekhar...@gmail.com> wrote: > > What are some good Linux projects in kernel space for final year > computer.science engineering students? > Could someone help and share your ideas on this please.
Hedging deployed cryptography. Hedging can be used to keep the state of a machine unique and the rng's in good working order to minimize/eliminate the risk associated with low entropy devices and virtual machine resets. You would hook the network stack and look for the other party's random secret, like ClientHello.random in SSL/TLS [RFC 5246]. When the data arrives you add it to the machine's entropy pools. In addition to SSL/TLS, you also have SSH and IPsec to grab another party's entropy. I am sure there are others, but SSH, SSL/TLS and IPsec are the ones I would focus on. Also see "When Virtual is Harder than Real: Resource Allocation Challenges in Virtual Machine Based IT Environments," http://static.usenix.org/event/hotos05/final_papers/full_papers/garfinkel/garfinkel.pdf ; and "When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography," http://www.isoc.org/isoc/conferences/ndss/10/pdf/15.pdf . Jeff
