On 10 Sep 2013, at 19:13, Harald Schmalzbauer <h.schmalzbauer_at_omnilan.de> wrote:

> Hello,
>
> some time ago, before random(4) was rewritten for FreeBSD 5 by Mark
> Murray, we had rng, the i815 hardware random number generator.
> At this time, there were rumors about the quality of the randomness.
>
> Now we have rdrand (BullMountain hardware random generator in IvyBridge)
> and Dual_EC_DRBG (NSA's NIST contribution) makes me wonder if quality is
> again something to worry about - although kib's commit message states:
> „From the Intel whitepapers and articles about Bull Mountain, it seems
> that we do not need to perform post-processing of RDRAND results, like
> AES-encryption of the data with random IV and keys, which was done for
> Padlock. Intel claims that sanitization is performed in hardware.“
>
> When we use the software random device, one has great control over
> /dev/random with sysctl kern.random.
> Are there considerations to extend the HW-rng-implementation by optional
> post processing?

Yes. This was discussed in Cambridge recently, and will no doubt be brought up again in Malta.

There are indeed plans to post-process the output of rdrand.

M
--
Mark R V Murray
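As an added illustration of the optional post-processing the exchange above is about (example code, not FreeBSD's random(4) and not from either poster): a conditioner that mixes raw hardware RNG blocks with a second entropy source through a keyed hash and runs a repetition-count health test, so a stuck or untrusted hardware output cannot by itself determine what the consumer sees. The `hw_read`/`sw_read` callables, the constants and `demo_stuck_source` are assumptions made for this demo, and HMAC-SHA256 stands in for the AES-with-random-key-and-IV step the commit message mentions.

```python
import hashlib
import hmac
import os

class ConditionedRng:
    """Mix raw hardware RNG blocks with a second source before handing them out.

    hw_read(n) stands in for the hardware generator (RDRAND on FreeBSD) and is
    injected so a stuck source can be shown; sw_read(n) is an independent
    software-side source, os.urandom by default. Both are assumed interfaces
    for this example, not random(4) internals.
    """
    BLOCK = 32        # raw hardware bytes consumed per output block
    STUCK_LIMIT = 8   # identical raw blocks in a row => hardware declared failed

    def __init__(self, hw_read, sw_read=os.urandom, seed=b""):
        self.hw_read, self.sw_read = hw_read, sw_read
        self.key = hashlib.sha256(b"hw-rng-conditioner-v1" + seed).digest()
        self.counter, self.last_block, self.repeats = 0, None, 0
        self.hw_failed = False

    def _health_check(self, block):
        # Repetition-count test: a healthy source never repeats a 256-bit block.
        if block == self.last_block:
            self.repeats += 1
            self.hw_failed |= self.repeats >= self.STUCK_LIMIT
        else:
            self.repeats = 0
        self.last_block = block

    def read(self):
        """Return 32 conditioned bytes, then ratchet the pool key forward."""
        hw = self.hw_read(self.BLOCK)
        self._health_check(hw)
        sw = self.sw_read(self.BLOCK)
        ctr = self.counter.to_bytes(8, "big")
        self.counter += 1
        # Keyed hash over ctr || hw || sw under the pool key: a bad or chosen
        # hardware block cannot cancel the sw contribution, and the ratchet keeps
        # later outputs unlinkable to earlier ones if the hardware repeats.
        out = hmac.new(self.key, b"out" + ctr + hw + sw, hashlib.sha256).digest()
        self.key = hmac.new(self.key, b"key" + ctr + hw + sw, hashlib.sha256).digest()
        return out

def demo_stuck_source(blocks=10):
    """Hardware stuck on one value: returns (health test tripped, outputs distinct)."""
    rng = ConditionedRng(lambda n: b"\x42" * n)
    outs = [rng.read() for _ in range(blocks)]
    return rng.hw_failed, len(set(outs)) == blocks
```

The health test only detects gross failure (a stuck source); it says nothing about a source that is subtly biased, which is exactly why the mixing step does not depend on the hardware block being good.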
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:41 UTC