From: Stephan Mueller
To: "Theodore Ts'o"
Cc: herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, sandyinchina@gmail.com
Subject: Re: [RFC][PATCH 0/6] /dev/random - a new approach
Date: Fri, 22 Apr 2016 06:59:32 +0200
Message-ID: <6974210.pKFp51TpM6@tauon.atsec.com>
In-Reply-To: <20160422025155.GA6690@thunk.org>
References: <9192755.iDgo3Omyqe@positron.chronox.de> <20160422025155.GA6690@thunk.org>

On Thursday, 21 April 2016, 22:51:55, Theodore Ts'o wrote:

Hi Theodore,

> I still have a massive problem with the claims that the "Jitter" RNG
> provides any amount of entropy. Just because you and I might not be
> able to analyze it doesn't mean that somebody else couldn't. After
> all, DUAL-EC DRNG was very complicated and hard to analyze. So would
> be something like
>
> AES(NSA_KEY, COUNTER++)
>
> Very hard to analyze indeed. Shall we run statistical tests? They'll
> pass with flying colors.
>
> Secure? Not so much.

If you are concerned with that RNG, we can easily drop it from the LRNG.

The testing documented in the writeup disables the Jitter RNG to ensure that only the LRNG IRQ collection is tested. The conclusions regarding timeliness of the seeding and the prevention of draining the entropy pool are performed without the Jitter RNG, which implies that the Jitter RNG can be dropped without harm.

Ciao Stephan
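Theodore's AES(NSA_KEY, COUNTER++) point, as an added illustration that is not code from this thread or from the LRNG patches: the keystream of AES-CTR under a constructed, deliberately non-secret key is run through the SP 800-22 frequency (monobit) test, which it passes, and is then reproduced bit-for-bit by anyone holding the key, which is exactly what a statistical test cannot detect. The key, the zero counter start and the sample size are assumptions of the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
	"math"
	"math/bits"
)

// Constructed stand-in for the "NSA_KEY" of the quoted message (32 bytes, AES-256).
// Its only property that matters: it is known to a second party.
var backdoorKey = []byte("0123456789abcdef0123456789abcdef")

// ctrStream returns n bytes of AES-CTR keystream, i.e. AES(key, COUNTER++)
// concatenated, with the counter starting at zero (an assumption here).
func ctrStream(key []byte, n int) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, block.BlockSize()) // zero counter block
	out := make([]byte, n)                // zeros XOR keystream = raw keystream
	cipher.NewCTR(block, iv).XORKeyStream(out, out)
	return out, nil
}

// monobitPValue is the SP 800-22 frequency test: s_obs = |ones - zeros| / sqrt(n),
// p = erfc(s_obs / sqrt 2). The test passes when p >= 0.01.
func monobitPValue(data []byte) float64 {
	ones := 0
	for _, b := range data {
		ones += bits.OnesCount8(b)
	}
	nbits := 8 * len(data)
	sObs := math.Abs(float64(2*ones-nbits)) / math.Sqrt(float64(nbits))
	return math.Erfc(sObs / math.Sqrt2)
}

// predictable reports whether a party holding key reproduces the observed
// output exactly: the property a statistical test never measures.
func predictable(key, observed []byte) bool {
	guess, err := ctrStream(key, len(observed))
	return err == nil && bytes.Equal(guess, observed)
}

func main() {
	stream, _ := ctrStream(backdoorKey, 1<<16)
	p := monobitPValue(stream)
	fmt.Printf("monobit p-value %.3f, passes (>= 0.01): %v\n", p, p >= 0.01)
	fmt.Println("reproduced by key holder:", predictable(backdoorKey, stream))
}
```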