[liberationtech] Random number generator failure in Rasperri Pis?
Matt Mackall
mpm at selenic.com
Fri Jul 19 11:49:57 PDT 2013
On Fri, 2013-07-19 at 10:42 -0700, Andy Isaacson wrote:
> On Fri, Jul 19, 2013 at 01:17:51PM +0100, Michael Rogers wrote:
> > On 19/07/13 13:03, KheOps wrote:
> > > Just came accross this article, apparently showing the bad quality
> > > of the hardware RNG in Raspberri Pi devices.
> > >
> > > http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
> > >
> > > Quite interesting since (pseudo-) random numbers are heavily used
> > > in crypto. Interesting also to see another post on this topic,
> > > after the study of a random number generation procedure formerly
> > > used in Cryptocat and that was also problematic.
> >
> > Is that what the article shows? Looks to me like the Raspberry Pi's
> > hardware RNG (/dev/hwrng) is being held up as an example of 'good
> > randomness' in contrast to the RANDU algorithm's 'bad randomness'.
>
> Regardless of the quality of the HW RNG on RPI, it's not good to expose
> the entropy directly to userspace in /dev/hwrng. Rather, the RPI kernel
> should mix the entropy into the kernel entropy pool and apps should use
> /dev/random to get high-quality entropy mixed from all available entropy
> sources. That way even if an attacker has a backdoor to the HW RNG,
> the user still has a second line of defense due to the other
> unpredictable data mixed into the same pool.
And there's a daemon for this:
apt-get install rng-tools
--
Mathematics is the supreme nostalgia of our time.
More information about the liberationtech
mailing list