chip-level randomness?

Pawel Krawczyk kravietz at aba.krakow.pl
Thu Sep 20 03:28:54 EDT 2001


On Wed, Sep 19, 2001 at 05:17:18PM -0400, Theodore Tso wrote:

> One of the things which I've always been worried about with the 810
> hardware random number generators in general is how to protect against
> their failing silently.  My original design intention here was that
> this be done in a user-mode process that could run FFT's, and do other
> kinds of analysis on the output of the hardware random number
> generator, and then if it passed, it could use an already-existing
> interface to atomically add the random bytes to the entropy pool and
> give credit to the entropy counter.

The rngd daemon by Philipp Rumpf I mentioned in previous posts does almost
exactly that. It runs a loop that first reads 2500 bytes from i810,
then runs several FIPS 140-1 tests on the data and if it returns success,
it uses RNDADDENTROPY ioctl to add this data to the kernel pool. Then it
checks current state of the pool with RNDGETPOOL and either sleeps for
some time or repeats the process. Seems to be reasonable both from the
security and performance perspective...

-- 
Paweł Krawczyk *** home: <http://ceti.pl/~kravietz/>
security: <http://ipsec.pl/>  *** fidonet: 2:486/23



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
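
Added example, not part of the original post and not rngd's own code: the four statistical tests FIPS 140-1 defines for a 20,000-bit (2500-byte) sample, as a gate that would run before any data is credited to the pool. The names `fips1401_check` and `check_pattern` and the constructed inputs are assumptions made here; the RNDADDENTROPY step is left out.

```c
#include <stddef.h>
#include <stdint.h>

#define FIPS_BYTES 2500   /* one 20,000-bit sample, the read size in the post */
enum { F_MONOBIT = 1, F_POKER = 2, F_RUNS = 4, F_LONGRUN = 8 };

/* Returns 0 if the sample passes all four FIPS 140-1 tests, else a bitmask. */
int fips1401_check(const uint8_t *buf) {
    /* Allowed counts for runs of length 1..5 and 6+ (same for 0s and 1s). */
    static const int lo[6] = {2267, 1079, 502, 223, 90, 90};
    static const int hi[6] = {2733, 1421, 748, 402, 223, 223};
    int ones = 0, nib[16] = {0}, runs[2][6] = {{0}}, fail = 0;
    int prev = -1, len = 0, longest = 0;
    for (size_t i = 0; i < FIPS_BYTES; i++) {
        nib[buf[i] >> 4]++;                      /* poker: 4-bit segments */
        nib[buf[i] & 0x0f]++;
        for (int b = 7; b >= 0; b--) {
            int bit = (buf[i] >> b) & 1;
            ones += bit;
            if (bit == prev) { len++; continue; }
            if (prev >= 0) runs[prev][len > 6 ? 5 : len - 1]++;
            if (len > longest) longest = len;
            prev = bit; len = 1;
        }
    }
    runs[prev][len > 6 ? 5 : len - 1]++;         /* close the final run */
    if (len > longest) longest = len;
    if (ones <= 9654 || ones >= 10346) fail |= F_MONOBIT;
    long sq = 0;        /* poker: X = (16/5000) * sum(f_i^2) - 5000 */
    for (int i = 0; i < 16; i++) sq += (long)nib[i] * nib[i];
    double x = 16.0 * sq / 5000.0 - 5000.0;
    if (x <= 1.03 || x >= 57.4) fail |= F_POKER;
    for (int v = 0; v < 2; v++)
        for (int k = 0; k < 6; k++)
            if (runs[v][k] < lo[k] || runs[v][k] > hi[k]) fail |= F_RUNS;
    if (longest >= 34) fail |= F_LONGRUN;        /* stuck-output detector */
    return fail;
}

/* Constructed inputs (not real i810 output): a constant byte, or xorshift32
 * output when pat < 0. A generator stuck at one value is the silent failure. */
int check_pattern(int pat) {
    static uint8_t buf[FIPS_BYTES];
    uint32_t s = 2463534242u;
    for (size_t i = 0; i < FIPS_BYTES; i++) {
        s ^= s << 13; s ^= s >> 17; s ^= s << 5;
        buf[i] = pat < 0 ? (uint8_t)(s >> 8) : (uint8_t)pat;
    }
    return fips1401_check(buf);
}
```

Passing these tests only rules out gross failures such as stuck or strongly biased output; it does not measure how much entropy the sample actually contains.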



