[Cryptography] [RNG] /dev/random initialisation

Sandy Harris sandyinchina at gmail.com
Thu Oct 31 13:44:03 EDT 2013


Jerry Leichter <leichter at lrw.com> wrote:

>> This is why the Linux RNG allows anyone to add data to the pool as an
>> unprivileged operation, but requires root to change the estimates of how
>> much entropy is in the pool.

> Ah, so like FIPS, Linux only accepts "real" entropy from "authenticated" sources.  :-)
>                                                         -- Jerry

Yes, but the authentication is only that it must come from a process
that is running as root. There are a lot of candidates. Four people
I know of on the list (Peter Gutmann, John Denker, Stephan Mueller
and me) have written something that could be used, and I think
there are at least another half dozen available. Then there are
various ones built into CPUs or chipsets.

Quite likely not all of those are as solid as their authors hope, and
even the ones that sometimes are might fail in other situations.

