[Cryptography] Is Ron right on randomness
Bill Cox
waywardgeek at gmail.com
Sun Nov 27 16:40:41 EST 2016
On Sat, Nov 26, 2016 at 6:38 AM, Salz, Rich <rsalz at akamai.com> wrote:
> > Absolutely right. Only TRNGs that make raw data available should be
> trusted. Further, the source should have a simple physical model which is
> proven out by measurements, preferably continuously.
>
> Meanwhile, back in the real world... What should OpenSSL do, given the
> wide number of platforms and huge uninformed community that depends on it,
> do?
I think there is no need to modify OpenSSL. Hardware TRNGs can write their
entropy directly to /dev/random, and if they are confident enough, they can
also update the estimate of entropy in the pool (I do this with my TRNG).
OpenSSL should simply continue waiting for enough bits to be available.
If the OpenSSL devs have any sway in Linux development, maybe you could
suggest to upstream that /dev/random could be improved. It was good work
for when it was written, but it is showing its age. The same goes for
password hashing in /etc/passwd.
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161127/6d1d2621/attachment.html>
More information about the cryptography
mailing list