On Tue, May 3, 2016 at 4:48 PM, wrote:
> On Tue, May 03, 2016 at 03:57:15PM +0200, Nikos Mavrogiannopoulos wrote:
>> I believe their main concern is that they want to protect applications
>> which do not check error codes of system calls, when running on a
>> kernel which does not provide getrand
On 2016-05-03 09:57, Nikos Mavrogiannopoulos wrote:
On Tue, Apr 26, 2016 at 3:11 AM, Theodore Ts'o wrote:
On Mon, Apr 25, 2016 at 10:23:51AM +0200, Nikos Mavrogiannopoulos wrote:
That's far from a solution and I wouldn't recommend to anyone doing
that. We cannot expect each and every program t
On Tue, May 03, 2016 at 03:57:15PM +0200, Nikos Mavrogiannopoulos wrote:
>
> I believe their main concern is that they want to protect applications
> which do not check error codes of system calls, when running on a
> kernel which does not provide getrandom(). That way, they have an
> almost impo
On Tue, Apr 26, 2016 at 3:11 AM, Theodore Ts'o wrote:
> On Mon, Apr 25, 2016 at 10:23:51AM +0200, Nikos Mavrogiannopoulos wrote:
>> That's far from a solution and I wouldn't recommend to anyone doing
>> that. We cannot expect each and every program to do glibc's job. The
>> purpose of a system cal
On Mon, Apr 25, 2016 at 10:23:51AM +0200, Nikos Mavrogiannopoulos wrote:
> That's far from a solution and I wouldn't recommend to anyone doing
> that. We cannot expect each and every program to do glibc's job. The
> purpose of a system call like getrandom is to simplify the complex use
> of /dev/ur
On Mon, Apr 25, 2016 at 10:02 AM, Stephan Mueller wrote:
>> > One more item to consider: If you do not want to change to use
>> > getrandom(2), the LRNG provides you with another means.
>> The main problem is not about willing to switch to getrandom() or not,
>> but finding any system where getran
Am Montag, 25. April 2016, 09:55:14 schrieb Nikos Mavrogiannopoulos:
Hi Nikos,
> On Thu, Apr 21, 2016 at 5:16 PM, Stephan Mueller
wrote:
> >> > ... DRBG is “minimally” seeded with 112^6 bits of entropy.
> >> > This is commonly achieved even before user space is initiated.
> >>
> >> Unfortunate
On Thu, Apr 21, 2016 at 5:16 PM, Stephan Mueller wrote:
>> > ... DRBG is “minimally” seeded with 112^6 bits of entropy.
>> > This is commonly achieved even before user space is initiated.
>>
>> Unfortunately one of the issues of the /dev/urandom interface is the
>> fact that it may start providing
Am Sonntag, 24. April 2016, 23:25:00 schrieb Pavel Machek:
Hi Pavel,
> > /* This RNG does not work if no high-resolution timer is available */
> > BUG_ON(!random_get_entropy() && !random_get_entropy());
>
> Heh, does this cause BUG() with 2^-64 probability? :-).
No, but for the listed arches, g
Hi!
> > So you are relying on high-resolution timestamps. Ok. then you do kind
> > of the check on the timestamps... ok, why not. But then you mix in the
> > data regardless, saying that "they are not dependent" and thus can't
> > hurt.
> >
> > But you already know they _are_ dependent, that's wh
Am Sonntag, 24. April 2016, 17:21:09 schrieb Pavel Machek:
Hi Pavel,
> Hi!
>
> > Please find in [1] the full design discussion covering qualitative
> > assessments of the entropy collection and entropy flow. Furthermore, a
> > full
> > testing of the
>
> I don't get it.
>
> # The
> # idea is t
Hi!
> Please find in [1] the full design discussion covering qualitative assessments
> of the entropy collection and entropy flow. Furthermore, a full
> testing of the
I don't get it.
# The
# idea is that only after obtaining LRNG_POOL_SIZE_BITS healthy bits,
# the
#entropy pool is completely ch
On Thu, Apr 21, 2016 at 10:51 PM, Theodore Ts'o wrote:
> I still have a massive problem with the claims that the "Jitter" RNG
> provides any amount of entropy. Just because you and I might not be
> able to analyze it doesn't mean that somebody else couldn't. After
> all, DUAL-EC DRNG was very c
Am Donnerstag, 21. April 2016, 22:51:55 schrieb Theodore Ts'o:
Hi Theodore,
> I still have a massive problem with the claims that the "Jitter" RNG
> provides any amount of entropy. Just because you and I might not be
> able to analyze it doesn't mean that somebody else couldn't. After
> all, DU
I still have a massive problem with the claims that the "Jitter" RNG
provides any amount of entropy. Just because you and I might not be
able to analyze it doesn't mean that somebody else couldn't. After
all, DUAL-EC DRNG was very complicated and hard to analyze. So would
be something like
A
Am Donnerstag, 21. April 2016, 15:03:37 schrieb Nikos Mavrogiannopoulos:
Hi Nikos,
>
> [quote from pdf]
>
> > ... DRBG is “minimally” seeded with 112^6 bits of entropy.
> > This is commonly achieved even before user space is initiated.
>
> Unfortunately one of the issues of the /dev/urandom int
Am Donnerstag, 21. April 2016, 15:03:37 schrieb Nikos Mavrogiannopoulos:
Hi Nikos,
> On Thu, Apr 21, 2016 at 11:11 AM, Stephan Mueller
wrote:
> > Hi Herbert, Ted,
> >
> > The venerable Linux /dev/random served users of cryptographic mechanisms
> > well for a long time. Its behavior is well und
On Thu, Apr 21, 2016 at 11:11 AM, Stephan Mueller wrote:
> Hi Herbert, Ted,
>
> The venerable Linux /dev/random served users of cryptographic mechanisms well
> for a long time. Its behavior is well understood to deliver entropic data. In
> the last years, however, the Linux /dev/random showed sign
Hi Herbert, Ted,
The venerable Linux /dev/random served users of cryptographic mechanisms well
for a long time. Its behavior is well understood to deliver entropic data. In
the last years, however, the Linux /dev/random showed signs of age where it has
challenges to cope with modern computing envi
19 matches
Mail list logo
