[Cryptography] TRNG related review: rngd and /dev/random
Ray Dillinger
bear at sonic.net
Thu Jan 21 13:51:34 EST 2016
In case anyone is interested, there is a modified 'rm' command
(maintained by Arch or Kali distribution, I forget which) that
copies every file being deleted to /dev/random (where it gets
zero entropy credit but still renders the pool immune from the
vast majority of potential attackers). Including all the stuff
that gets deleted or overwritten daily by rsync while doing
backups. And including the file *names*, so even the empty
'mutex' files that get scattered around in working directories
and temp directories have a small contribution.
I remember it mostly because it was necessary to alter several
shells, including Bash, because their default configuration is
to have the NON-extended version of 'rm' and a few other
common command lines compiled in.
IIRC, the same distro redirects everything sent to /dev/null
into /dev/random as well, and has a configuration option that
makes its extended 'rm' do 'shred' by default. But shredding
addresses a different attack model, of course.
Anyway, it's hard to imagine an attacker keeping up with all
of that, even just through boot time and the virtual filesystem
that gets used to load initial drivers and things. A few bits
here and there that the attacker can't guess, and it's over -
even if the attacker knows the state of the file on disk
*after* the previous shutdown, which is quite difficult for
an attacker who has not physically disassembled the machine.
And once you've taken a picture of your cat....
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160121/1e0d9466/attachment.sig>
More information about the cryptography
mailing list