Date: Wed, 7 Aug 2013 11:32:41 -0700
From: "David O'Brien" <obrien@FreeBSD.org>
To: Pawel Jakub Dawidek <pjd@FreeBSD.org>
Cc: Arthur Mesh <arthurmesh@gmail.com>, secteam@freebsd.org, freebsd-arch@freebsd.org
Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion
Message-ID: <20130807183241.GB79319@dragon.NUXI.org>
In-Reply-To: <20130802073130.GF5771@garage.freebsd.pl>

Replying to earlier comments made:

On Fri, Aug 02, 2013 at 09:31:30AM +0200, Pawel Jakub Dawidek wrote:
> Not to mention that hardware RNGs are often hard to trust. I think Intel
> refused to publish RDRAND specs?

No argument there. I know some folks feel RDRAND could be tainted for
NSA's sake.

> With PRNG in place you get consistent performance, it is seeded from
> various different sources (hardware RNG being one of them), so it is

This isn't correct. If you have hardware RNG today, you use it instead
of software RNG. The HW-RNG is not an entropy source into Yarrow.
Another thing we're fixing if we can get past this infrastructure change.

--
-- David (obrien@NUXI.org)