[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say
Nemo
nemo at self-evident.org
Sun Dec 15 11:16:20 EST 2013
John Kelsey <crypto.jmk at gmail.com> writes:
> Why not just XOR RD_RAND outputs with Yarrow outputs?
Linux /dev/urandom already XORs against RDRAND, but using its own
homegrown hand-waving entropy collector instead of Yarrow.
> That guarantees strong results if either one is good.
"Guarantees" is perhaps too strong a word should Intel turn out to be an
adversary.
http://blog.lvh.io/blog/2013/10/19/thoughts-on-rdrand-in-linux/
http://pastebin.com/A07q3nL3
- Nemo
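As an added illustration of the point above (this is example code, not part of the list message or of Linux, FreeBSD, or the linked posts): XOR-combining two generator outputs is only as good as the independence of the two inputs. The script below models a second source that is able to observe the first operand (the adversary case the reply alludes to) and shows that the XOR combiner collapses to a public constant, whereas a hash-based combiner keeps the result unpredictable to anyone who does not know the first input. The function names, the SHA-256 length-framed construction, and the sample byte strings are all my own choices, not anything the page specifies.

```python
import hashlib
import secrets


def xor_combine(a: bytes, b: bytes) -> bytes:
    """XOR combiner: uniform output if either input is uniform AND
    statistically independent of the other input."""
    if len(a) != len(b):
        raise ValueError("inputs must be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def hash_combine(a: bytes, b: bytes) -> bytes:
    """Hash-based combiner (my construction, not the kernel's): SHA-256 over
    both inputs with explicit length framing so (a, b) and (b, a) differ.
    An outsider who does not know `a` cannot predict the digest even if
    `b` was chosen as a function of `a`."""
    h = hashlib.sha256()
    h.update(len(a).to_bytes(4, "big") + a)
    h.update(len(b).to_bytes(4, "big") + b)
    return h.digest()


def dependent_source(other: bytes) -> bytes:
    """Model of a second source that can see the first operand and simply
    echoes it. This is a thought-experiment stand-in for the caveat in the
    message, not a claim about how any real hardware RNG behaves."""
    return bytes(other)


def xor_is_cancelled(a: bytes) -> bool:
    """True when XOR-ing `a` with a dependent echo of `a` yields all zeros."""
    return xor_combine(a, dependent_source(a)) == bytes(len(a))


def hash_survives(a: bytes) -> bool:
    """True when the hash combiner still yields a non-trivial digest that
    depends on `a` even though the second input is a copy of `a`."""
    out = hash_combine(a, dependent_source(a))
    return out != bytes(len(out)) and out != hash_combine(bytes(len(a)), bytes(len(a)))


if __name__ == "__main__":
    # Constructed sample: 32 bytes standing in for one generator's output.
    pool_out = bytes(range(32))
    print("xor  with echo:", xor_combine(pool_out, dependent_source(pool_out)).hex())
    print("hash with echo:", hash_combine(pool_out, dependent_source(pool_out)).hex())
    # With a genuinely independent second input, XOR keeps the first
    # input's entropy; secrets.token_bytes is just a convenient source here.
    print("xor  independent:", xor_combine(pool_out, secrets.token_bytes(32)).hex())
```

The take-away matches the reply: XOR gives a clean "strong if either is good" argument only under independence, and feeding a hardware source through the pool's hash rather than XOR-ing it in at the output is the usual mitigation for the dependent-input case.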