[Cryptography] OpenSSL CSPRNG work

Fri Jul 7 01:17:11 EDT 2017


On 7/6/2017 4:38 PM, Theodore Ts'o wrote:
> You still have to solve the problem of how do you reliable and secure
> the seed when the system is booted for the first time right after it
> has been unpacked from the box.  That can potentially be quite
> difficult, since it's likely going to be different for each consumer
> electronics device that is using Linux.
What is the easiest, convincing device makers to safely manage such a
seed, or convincing them to add some kind of hardware generator of
randomness?

-- 
Christian Huitema