[Cryptography] Is Ron right on randomness
Bill Cox
waywardgeek at gmail.com
Wed Nov 30 08:59:24 EST 2016
On Sat, Nov 26, 2016 at 6:38 AM, Salz, Rich <rsalz at akamai.com> wrote:
> > Absolutely right. Only TRNGs that make raw data available should be
> trusted. Further, the source should have a simple physical model which is
> proven out by measurements, preferably continuously.
>
> Meanwhile, back in the real world... What should OpenSSL do, given the
> wide number of platforms and huge uninformed community that depends on it,
> do?
I just learned on another thread that Linux provided a fixed API. The new
right answer on Linux is to call getrandom:
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c6e9d6f3
It's in linux 3.17. My Ubuntu 14.04 laptop upgraded to 3.19, so I had
it... Then it upgraded to 4.2.0, and now I no longer have it. Grrr...
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20161130/602eeaed/attachment.html>
More information about the cryptography
mailing list