From: Stephan Mueller Subject: Re: DRBG seeding Date: Thu, 16 Apr 2015 17:32:27 +0200 Message-ID: <2037814.HNld8WWmfI@tauon> References: <20150416143617.GA17178@gondor.apana.org.au> <1505308.pr7rreheuo@tauon> <20150416152618.GA17690@gondor.apana.org.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit Cc: Linux Crypto Mailing List To: Herbert Xu Return-path: Received: from mail.eperm.de ([89.247.134.16]:34141 "EHLO mail.eperm.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752355AbbDPPcd (ORCPT ); Thu, 16 Apr 2015 11:32:33 -0400 In-Reply-To: <20150416152618.GA17690@gondor.apana.org.au> Sender: linux-crypto-owner@vger.kernel.org List-ID: Am Donnerstag, 16. April 2015, 23:26:18 schrieb Herbert Xu: Hi Herbert, >On Thu, Apr 16, 2015 at 05:07:20PM +0200, Stephan Mueller wrote: >> I do not see a specific requirement in SP800-90A about the quality of the >> noise source. > >Well it explicitly says that you cannot use a DRBG. In the worst >case get_random_bytes is completely deterministic. > >> That said, I already developed an in-kernel version of /dev/random. I sent >> the patch to LKML some half year ago. If I understood Ted Tso right, there >> is no general objection against adding that in-kernel interface. See [1] >> for the thread. >> >> Furthermore, I already started working on updating the DRBG to use that in- >> kernel /dev/random interface. >> >> Shall I pursue that work in earnest now? >> >> [1] https://lkml.org/lkml/2014/5/11/276 > >Yes I think we should do this. Ok, I will work on that after I added the global lock to the DRBG. > >Thanks, Ciao Stephan