On Sat, Mar 22, 2014 at 3:18 PM, Brad Martin <[email protected]> wrote:
> No magic here.
>
> Like most RNG schemes, 'havege' probably works well enough for many purposes
> ...
> I'm not crazy about the scheme. Cache operating parameters can be directly
> configured by software. Scheduling algorithms aren't 'hard'. In most cases,
> unauthorized modifications to those functions wouldn't matter much; in fact
> they might be undetectable in most systems.

i like to think of it in terms of: "if you have a local attacker process in your threat model, you've got bigger problems than your entropy collection and estimation"

also, as was said about the network distribution: can't hurt and may help a lot!

> There is some willful lack of understanding at work here. The haveged FAQ
> hoists itself above alternatives by claiming that: "A HWRNG might
> malfunction in such a way that it too passes its validity tests". Not so,
> if the test is performed prior to whitening.

exercising restraint; i often rant for hours on the reasons for TRNGs shipping without raw access ;)

i trust Haveged more than RDRAND/RDSEED for example.

more to your point, pointing fingers at poor entropy systems does nothing to inspire confidence in the one you're trying to promote. i agree with you in this regard completely.

> FIPS/AIS tests are specifically
> designed to detect even extremely subtle errors in HWRNG systems - and the
> fact that they do leave a characteristic signature is used as proof for both
> true HWRNG and test process.

the FIPS tests are pretty limited (given the extremely small sample sizes involved). or perhaps you're talking about something other than FIPS 140-1 sec. 4.11.1?

these (140-1) tests may be better than nothing as a catastrophic failure detector, but they are not able "to detect even extremely subtle errors in HWRNG systems" where such bias would need to be analyzed over gigabytes for a robust estimate.

best regards,

_______________________________________________
RNG mailing list
[email protected]
http://lists.bitrot.info/mailman/listinfo/rng
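The sample-size point above, as an added example that is not part of the thread: two of the FIPS 140-1 section 4.11.1 power-up tests (monobit and poker, with the pass bounds as the editor recalls them from the standard) applied to one 20,000-bit block from a constructed source with a 51/49 bit bias, next to a plain z-test over a much larger sample. The `biased_source` generator and the 2,000,000-bit sample size are assumptions for the demonstration.

```python
"""Constructed demo: FIPS 140-1 sec. 4.11.1 style tests on 20,000 bits versus a
large-sample bias estimate. Bounds are the FIPS 140-1 values as recalled here."""
import math
import random

SAMPLE_BITS = 20_000  # FIPS 140-1 power-up tests run on one 20,000-bit block


def fips_monobit(bits):
    """Monobit test: the number of ones X must satisfy 9654 < X < 10346."""
    assert len(bits) == SAMPLE_BITS
    return 9654 < sum(bits) < 10346


def fips_poker(bits):
    """Poker test: 5000 nibbles, X = 16/5000 * sum(f_i^2) - 5000, pass if
    1.03 < X < 57.4 (an unnaturally flat nibble histogram also fails)."""
    assert len(bits) == SAMPLE_BITS
    counts = [0] * 16
    for i in range(0, SAMPLE_BITS, 4):
        nibble = bits[i] << 3 | bits[i + 1] << 2 | bits[i + 2] << 1 | bits[i + 3]
        counts[nibble] += 1
    x = (16 / 5000) * sum(c * c for c in counts) - 5000
    return 1.03 < x < 57.4


def bias_z_score(bits):
    """Standard deviations of the ones-count from n/2 under the fair-coin model.
    For a fixed bias this grows with sqrt(n), so a large sample exposes a bias
    that 20,000 bits leave inside the monobit bounds."""
    n = len(bits)
    return (sum(bits) - n / 2) / math.sqrt(n / 4)


def biased_source(p_one, n, seed=0):
    """Constructed stand-in for a slightly biased raw HWRNG: independent bits
    with P(1) = p_one (assumption for the demo, not a real device)."""
    rng = random.Random(seed)
    return [1 if rng.random() < p_one else 0 for _ in range(n)]


if __name__ == "__main__":
    block = biased_source(0.51, SAMPLE_BITS)
    print("monobit pass:", fips_monobit(block))  # typically True at 51/49
    print("poker pass:  ", fips_poker(block))    # typically True at 51/49
    big = biased_source(0.51, 2_000_000)
    print("z over 2,000,000 bits: %.1f" % bias_z_score(big))  # around 28
```

A 1% bias sits about two sigma inside the monobit bound at 20,000 bits, while the same source is rejected by a wide margin once a few million bits are examined.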
