[Cryptography] [RNG] on RNGs, VM state, rollback, etc.

Kent Borg kentborg at borg.org
Tue Oct 22 07:35:19 EDT 2013


On 10/21/2013 05:21 PM, Philipp Gühring wrote:
> Another completely different idea I had for the boot-time scenario 
> would be to mix in the whole (or a part if it is too much) of the 
> physical RAM (/dev/mem) into the RNG pool at boot time, or on first 
> demand when there isn't enough in the pool already to satisfy the 
> demand (so you don't need to do it if nobody needs /dev/random) 

I used to like that idea. After all, even though the power-on contents of 
RAM aren't completely random, they are also not completely predictable. Some 
unique bits in there if not rich entropy.

Unfortunately, since I had my brainstorm, RAM technology seems to have 
changed and in my observation recent RAM comes up nearly all zeros. At 
least once Linux is up (and I don't think Linux has taken the time to 
zero things).

Another problem: it takes time to read all that RAM, so one wouldn't 
want to actually wait before finishing booting.

-kb
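
Added example (not part of the original post, and not the Linux kernel's RNG code): a Python sketch of the idea discussed in this message, folding a RAM image into a pool by hashing, run on a constructed, mostly-zero image. The names `page_stats`, `mix_into_pool` and `make_sample_snapshot`, the 4096-byte page size and the use of SHA-256 as the mixing function are assumptions made for illustration.

```python
import hashlib

PAGE = 4096  # bytes per page; assumed granularity for this sketch


def page_stats(snapshot: bytes):
    """Return (total_pages, nonzero_pages, zero_byte_fraction)."""
    pages = [snapshot[i:i + PAGE] for i in range(0, len(snapshot), PAGE)]
    nonzero = sum(1 for p in pages if p.count(0) != len(p))
    return len(pages), nonzero, snapshot.count(0) / len(snapshot)


def mix_into_pool(pool: bytes, snapshot: bytes, stride: int = 1) -> bytes:
    """Hash the old pool state plus every `stride`-th page into a new state.

    Because the old state is part of the hash input, a fully predictable
    snapshot leaves the pool no easier to guess than it was before.
    """
    h = hashlib.sha256(pool)
    for off in range(0, len(snapshot), PAGE * stride):
        h.update(snapshot[off:off + PAGE])
    return h.digest()


def make_sample_snapshot() -> bytes:
    """Constructed data: 64 zero pages with a few leftover bytes in two."""
    ram = bytearray(64 * PAGE)
    ram[3 * PAGE + 100:3 * PAGE + 104] = b"\xde\xad\xbe\xef"
    ram[40 * PAGE + 7] = 0x5A
    return bytes(ram)


if __name__ == "__main__":
    snap = make_sample_snapshot()
    zeros = bytes(len(snap))
    pool = hashlib.sha256(b"constructed prior pool state").digest()
    total, nonzero, frac = page_stats(snap)
    print(f"{nonzero}/{total} pages nonzero, {frac:.6f} of bytes are zero")
    # A full read picks up the leftover bytes; an all-zero image adds nothing unique.
    print("full read differs from all-zero:",
          mix_into_pool(pool, snap) != mix_into_pool(pool, zeros))
    # Reading every 16th page is faster but skips pages 3 and 40 entirely.
    print("sampled read differs from all-zero:",
          mix_into_pool(pool, snap, 16) != mix_into_pool(pool, zeros, 16))
```

On this image the full read yields a pool that differs from the all-zero case, while the every-16th-page read does not, so reading only a part of RAM to save boot time can miss the few bytes that were not zero.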


