cvs commit: src/sys/modules/random Makefile src/sys/dev/random
harvest.c hash.c hash.h nehemiah.c nehemiah.h probe.c randomdev.c
randomdev.h randomdev_soft.c randomdev_soft.h yar
Sam Leffler
sam at errno.com
Sat Apr 10 13:58:34 PDT 2004
On Apr 10, 2004, at 1:54 AM, Mark Murray wrote:
> Bruce M Simpson writes:
>>>> http://www.cryptography.com/resources/whitepapers/index.html
>>>
>>> Actually, I have. I read it again, now, to be sure. Nothing it says
>>> suggests that what I did here is a "huge mistake". Nearest I get is
>>> the suggestion that the output from the on-chip RNG is used as a
>>> source for a hash function (like Yarrow). I feel that is overkill,
>>> and that the output of the on-chip RNG is sufficient.
>>
>> I'm inclined to trust your judgement here on this, Mark, but Nate does
>> have a valid point; we need to be sure that the entropy sources are of
>> sufficiently high quality or we risk compromising the system.
>>
>> If you could cite some independent tests for the VIA C3 on-chip RNG
>> that would be very helpful to all.
>
> How about Nate's paper? It gives the VIA C3 a very high assessment WRT
> the quality of the entropy delivered.
>
> If it is felt that further whitening of the VIA C3 RNG is needed,
> then I believe that Yarrow would be overkill, and that a much smaller
> hash function will be sufficient.

Unless I misread the paper it seemed very clear in stating that you
need to post-process the h/w RNG. I run all my h/w entropy sources
through the rndtest module (FIPS-140 testing) and frequently see that
h/w entropy sources are not to be trusted (note that rndtest samples
the entropy and that the FIPS test suite is far less stringent than the
testing done in the papers).

I have not had time to review Mark's changes but I agree with Nate that
h/w entropy sources should not be trusted and some form of
post-processing must be done. Whether this is Yarrow or something else
is unclear but the papers cited did a thorough analysis while all I've
seen from Mark are statements that he believes these sources are good.
When it comes to stuff like this I believe strongly in taking a
conservative approach.

Sam
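
The kind of FIPS-140 check described in the message above, as an added example that is not part of the thread and is not the rndtest source: it applies the four statistical tests (monobit, poker, runs, long run) to one 20,000-bit sample and returns a bitmask of the tests that failed. The use of the FIPS 140-2 limits, the `fips_check` name and the three constructed samples are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FIPS_BYTES 2500   /* one sample = 20,000 bits */
enum { F_MONOBIT = 1, F_POKER = 2, F_RUNS = 4, F_LONGRUN = 8 };
/* Limits below are the FIPS 140-2 ones (assumed; the thread says "FIPS-140"). */
unsigned fips_check(const uint8_t *buf)
{
    static const int lo[6] = { 2315, 1114, 527, 240, 103, 103 };
    static const int hi[6] = { 2685, 1386, 723, 384, 209, 209 };
    int ones = 0, nib[16] = { 0 }, runs[2][6] = { { 0 } };
    int prev = -1, len = 0, longest = 0;
    unsigned fail = 0;
    double sq = 0, x;
    for (int i = 0; i < FIPS_BYTES; i++) {
        nib[buf[i] >> 4]++; nib[buf[i] & 15]++;   /* poker: 4-bit counts */
        for (int b = 7; b >= 0; b--) {
            int bit = (buf[i] >> b) & 1;
            ones += bit;
            if (bit == prev) { len++; continue; }
            if (prev >= 0) runs[prev][len > 6 ? 5 : len - 1]++;
            if (len > longest) longest = len;
            prev = bit; len = 1;
        }
    }
    runs[prev][len > 6 ? 5 : len - 1]++;          /* close the final run */
    if (len > longest) longest = len;
    if (ones <= 9725 || ones >= 10275) fail |= F_MONOBIT;
    for (int v = 0; v < 16; v++) sq += (double)nib[v] * nib[v];
    x = 16.0 / 5000.0 * sq - 5000.0;
    if (x <= 2.16 || x >= 46.17) fail |= F_POKER;
    for (int l = 0; l < 6; l++)                   /* run lengths 1..5 and 6+ */
        for (int v = 0; v < 2; v++)
            if (runs[v][l] < lo[l] || runs[v][l] > hi[l]) fail |= F_RUNS;
    if (longest >= 26) fail |= F_LONGRUN;
    return fail;
}

int main(void)
{
    uint8_t s[FIPS_BYTES];                        /* constructed samples */
    memset(s, 0x00, sizeof s);                    /* stuck-at-zero source */
    printf("stuck:   0x%x\n", fips_check(s));
    memset(s, 0xAA, sizeof s);                    /* oscillating source */
    printf("0xAA:    0x%x\n", fips_check(s));
    for (int i = 0; i < FIPS_BYTES; i++) s[i] = (uint8_t)i;  /* byte counter */
    printf("counter: 0x%x\n", fips_check(s));
    return 0;
}
```

The stuck sample fails all four tests and the 0xAA sample fails poker and runs, while the byte counter, which carries no entropy, stays inside the monobit, poker and long-run limits. Passing these tests rules out gross failure of a source; it does not establish that the source is unpredictable.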