Date: Fri, 9 Aug 2013 09:46:16 +0200 From: Fabien Thomas <fabient@freebsd.org> To: Mark R V Murray <mark@grondar.org> Cc: freebsd-arch@freebsd.org Subject: Re: random(4) plugin infrastructure for mulitple RNG in a modular fashion Message-ID: <CD5D58DE-C411-40D5-9A7E-79549D21D723@freebsd.org> In-Reply-To: <50BE6942-CC39-413C-8E14-C6B93440901B@grondar.org> References: <20130807182858.GA79286@dragon.NUXI.org> <20130807192736.GA7099@troutmask.apl.washington.edu> <CAGE5yCq%2Bs6kYtVYyxi27RAqPmvpV42nNNykm2%2B2x1EJGCihYXw@mail.gmail.com> <5203968D.7060508@freebsd.org> <7018AAA9-0A88-430F-96B7-867E5F529B36@bsdimp.com> <50BE6942-CC39-413C-8E14-C6B93440901B@grondar.org>
next in thread | previous in thread | raw e-mail | index | archive | help
>>=20 >> On Aug 8, 2013, at 7:01 AM, Andrey Chernov wrote: >>=20 >>> Many years ago I already suggest to de-modularize random (making it = not >>> optional), with fallback to yarrow if hardware RNGs can't be probed = or >>> not configured. >>=20 >> I think that the 'fallback to yarrow' is necessary here. >=20 > My current inclination is to make Yarrow the basic device (or "Fortuna = Lite", but that is a problem for MUCH later), and make the hardware = devices feed Yarrow, if they are present. I also think this is the best option to have as a default: - Keep a good software random - Add more source of entropy at early boot - Dont trust HW random (keep it as one probed source of seed) User can choose to switch to pure HW random to replace SW. A good source of information here: = http://th.informatik.uni-mannheim.de/people/lucks/papers/Ferguson/Fortuna.= pdf Fabien=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CD5D58DE-C411-40D5-9A7E-79549D21D723>