Re: HW fed /dev/random

2013-09-11 Thread Mark R V Murray

On 10 Sep 2013, at 19:13, Harald Schmalzbauer h.schmalzba...@omnilan.de wrote:

 Hello,
 
 some time ago, before random(4) was rewritten for FreeBSD 5 by Mark
 Murray, we had rng, the i815 hardware random number generator.
 At this time, there were rumors about the quality of the randomness.
 
 Now we have rdrand (BullMountain hardware random generator in IvyBridge)
 and Dual_EC_DRBG (NSA's NIST contribution) makes me wonder if quality is
 again something to worry about - although kib's commit message states:
 „From the Intel whitepapers and articles about Bull Mountain, it seems
 that we do not need to perform post-processing of RDRAND results, like
 AES-encryption of the data with random IV and keys, which was done for
 Padlock. Intel claims that sanitization is performed in hardware.“
 
 When we use the software random device, one has great control over
 /dev/random with sysctl kern.random.
 Are there considerations to extend the HW-rng-implementation by optional
 post processing?

Yes. This was discussed in Cambridge recently, and will no doubt be brought
up again in Malta. There are indeed plans to post-process the output of
rdrand.

M
-- 
Mark R V Murray

HW fed /dev/random

2013-09-10 Thread Harald Schmalzbauer

Hello,

some time ago, before random(4) was rewritten for FreeBSD 5 by Mark
Murray, we had rng, the i815 hardware random number generator.
At this time, there were rumors about the quality of the randomness.

Now we have rdrand (BullMountain hardware random generator in IvyBridge)
and Dual_EC_DRBG (NSA's NIST contribution) makes me wonder if quality is
again something to worry about - although kib's commit message states:
„From the Intel whitepapers and articles about Bull Mountain, it seems
that we do not need to perform post-processing of RDRAND results, like
AES-encryption of the data with random IV and keys, which was done for
Padlock. Intel claims that sanitization is performed in hardware.“

When we use the software random device, one has great control over
/dev/random with sysctl kern.random.
Are there considerations to extend the HW-rng-implementation by optional
post processing?

-Harry

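As an added illustration of the post-processing question raised in this thread (the commit message Harald quotes, and Mark's reply that rdrand output will be post-processed), the following is example code written for this page; it is not FreeBSD's random(4), kib's rdrand driver, or anything Intel ships. It gates on the CPUID feature bit, reads RDRAND with the carry-flag check and retry loop that Intel documents, applies a stuck-at check to the words it gets, and XORs them with words from an independent software source instead of returning raw hardware output. The software words and the constant "stuck" hardware stream in main() are constructed test data; the XOR combiner stands in for the AES-based whitening the quoted commit message mentions for Padlock. On non-x86-64 targets the hardware path is compiled out and reports RDRAND as unavailable.

```c
/*
 * Added example (not FreeBSD code): reading RDRAND safely and refusing to
 * hand its raw output to callers.  Builds with gcc or clang; on targets
 * other than x86-64 the hardware path is compiled out.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CPUID.01H:ECX bit 30 is set when the CPU implements RDRAND. */
int rdrand_available(void)
{
#if defined(__x86_64__)
    uint32_t eax = 1, ebx = 0, ecx = 0, edx = 0;
    __asm__ volatile("cpuid" : "+a"(eax), "=b"(ebx), "+c"(ecx), "=d"(edx));
    return (int)((ecx >> 30) & 1u);
#else
    return 0;
#endif
}

/* One RDRAND attempt.  CF=1 means a value was delivered; CF=0 means the
 * DRNG could not supply one and the destination register is zero.  Only
 * call this after rdrand_available() returned 1: the instruction raises
 * #UD on CPUs that lack it. */
static int rdrand64_once(uint64_t *out)
{
#if defined(__x86_64__)
    unsigned char ok;
    __asm__ volatile("rdrand %0\n\tsetc %1" : "=r"(*out), "=qm"(ok) : : "cc");
    return ok;
#else
    *out = 0;
    return 0;
#endif
}

/* Intel's sample code retries a bounded number of times (10) before
 * concluding that the DRNG is not delivering. */
#define RDRAND_RETRIES 10
int rdrand64(uint64_t *out)
{
    for (int i = 0; i < RDRAND_RETRIES; i++)
        if (rdrand64_once(out))
            return 1;
    *out = 0;
    return 0;
}

/* Continuous stuck-at test in the spirit of the FIPS 140-2 continuous RNG
 * test: a source that repeats its previous word is treated as failed.
 * Returns the index of the first repeated word, or -1 if none repeats. */
long stuck_at_check(const uint64_t *w, size_t n)
{
    for (size_t i = 1; i < n; i++)
        if (w[i] == w[i - 1])
            return (long)i;
    return -1;
}

/* Post-processing: XOR each hardware word with a word from an independent
 * software source.  If either input is uniform and independent of the
 * other, the XOR is uniform, so a weak or backdoored hardware generator
 * cannot on its own make the output predictable.  hw and out may alias. */
void combine_words(const uint64_t *hw, const uint64_t *sw, uint64_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = hw[i] ^ sw[i];
}

/* Fill out[] with n post-processed words.  sw[] holds n words from the
 * caller's software source (in a kernel, the existing entropy pool).
 * Returns the number of words that received a hardware contribution, 0
 * when RDRAND is absent, failed to deliver, or repeated itself, so the
 * caller can decide how much entropy to credit.  out[] always contains at
 * least the software words. */
size_t fill_random(uint64_t *out, const uint64_t *sw, size_t n)
{
    size_t got = 0;
    if (rdrand_available())
        for (; got < n; got++)
            if (!rdrand64(&out[got]))
                break;
    if (got < n || stuck_at_check(out, n) >= 0) {
        for (size_t i = 0; i < n; i++)
            out[i] = sw[i];
        return 0;
    }
    combine_words(out, sw, out, n);
    return n;
}

int main(void)
{
    /* Constructed data: a hardware stream stuck on one value, and three
     * words standing in for the software pool. */
    const uint64_t stuck_hw[3] = {0x4141414141414141ULL, 0x4141414141414141ULL,
                                  0x4141414141414141ULL};
    const uint64_t sw[3] = {0x0123456789abcdefULL, 0xfedcba9876543210ULL,
                            0x0f0f0f0f0f0f0f0fULL};
    uint64_t out[3];

    printf("rdrand available: %d\n", rdrand_available());
    printf("stuck-at check on constant stream: first repeat at index %ld\n",
           stuck_at_check(stuck_hw, 3));
    size_t credited = fill_random(out, sw, 3);
    printf("words with hardware contribution: %zu\n", credited);
    for (size_t i = 0; i < 3; i++)
        printf("  out[%zu] = %016llx\n", i, (unsigned long long)out[i]);
    return 0;
}
```

The important property is in fill_random: a caller never sees raw RDRAND words, and the return value separates "I gave you data" from "I am crediting hardware entropy for it", which is the distinction a kernel needs when deciding whether the pool is seeded.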