On Tue, 2005-03-29 at 20:30 +1000, Herbert Xu wrote: > On Tue, Mar 29, 2005 at 12:21:04PM +0200, Pavel Machek wrote: > > > > What catastrophic consequences? Noone is likely to even *notice*, and > > it does not help practical attack at all. Unless hardware RNGs are > > *very* flakey (like, more flakey than harddrives), this is not a problem. > > The reason some people use hardware RNGs in the first place is because > they don't trust the software RNGs. When the hardware RNG fails but > continues to send data to /dev/random, /dev/random essentially degenerates > into a software RNG. Now granted /dev/random is a pretty good software > RNG, however, for some purposes it just isn't good enough.
I think the most people use hardware accelerated devices to
speed up theirs calculations - embedded world is the best example -
applications that are written to use /dev/random
will work just too slow, so hardware vendors
place HW assistant chips to unload that very cpu-intencive work
from main CPU.
Without ability speed this up in kernel, we completely [ok, almost]
loose all RNG advantages.
--
Evgeniy Polyakov
Crash is better than data corruption -- Arthur Grabowski
signature.asc
Description: This is a digitally signed message part
