Comments (4)
nhorman
commented on August 16, 2024
so....don't use it.
The fact of the matter is, other users on a local system will always have access to the rdrand instruction, as it is unprivileged, or sufficiently so that rngd has no way to know who may be able to access it. If a user is so concerned with attackers having predictive access to this entropy source, the only practical solution is to turn that source off as an input to rngd (something we already have an option to do)
As for properly crediting the amount of entropy pulled from this source, 128 bits per 2^14 bytes is insanely slow, to the point where the source is effectively useless. Given that the average users values rngd as a source of sufficiently random data to feed the kernel random pool quickly so as to avoid blocking on /dev/random reads during critical times (like boot), we're not going to default restrict the strength of the source to the value you suggest above. I would be willing to entertain a patch from you that added an option to opt in to restricting the entropy count to that value when set, but I promise you no one will use it for any practical purpose.
from rng-tools.
joshuaehill
commented on August 16, 2024
Such a behavior would would be useful for any vendor that actually had to explain why the linux RNG was securely seeded to some specific security level. In the abstract, this is required for any product that needed to undergo FIPS 140-2 / CC (to various PPs) / AIS-31 validation.
Even if an attacker doesn't have local access, rngd is still over-crediting the entropy by a multiplicative factor of at least 511.
from rng-tools.
nhorman
commented on August 16, 2024
Several distributions ship rngd exactly as is, and certify with it against FIPS-140-2 / CC, I work for one of them.
If you would like to see it be stronger, as I noted before, you are welcome to write a patch that allows for an opting into that model, I'm happy to review it.
from rng-tools.
joshuaehill
commented on August 16, 2024
"I don't want /dev/random to block" can be accomplished by just using the RNDADDTOENTCNT ioctl to manually set the kernel's internal kernel entropy estimate (or asking rngd to use /dev/urandom as an input source, which is something that I've actually seen in various folk's "using rngd" instructions!) In order to provide some useful benefit, this tool needs to both introduce additional entropy into the input pool, and not misrepresent the amount of entropy that should be credited.
I'll follow up with a patch.
from rng-tools.
Related Issues (20)
- v6.15 build fails with jitterentropy 3.4 HOT 4
- rng-tools stopped to build with jitterentropy v3.4.0 HOT 16
- kernel handling of hwrng versus rngd HOT 3
- [6.14] rngd --list not showing full list and hangs HOT 31
- rngd and the LRNG HOT 14
- rngtestjitter.sh failures after recent changes HOT 23
- building without qrypt fails HOT 1
- Is it useful with kernel 5.18 (new rng blake2 output - entropy_avail always equal to 256)? HOT 1
- rngd fails with gcrypt library HOT 2
- 'rngd -l' | sources associated to an incorrect index HOT 1
- Add mention of kernel version when referring to it in documentation HOT 6
- External tool as entropy source for Jetson devices HOT 3
- Consider a new release for compatibility with jitterentropy-3.4 HOT 1
- Is it possible to add an option to capture the random data from the source to a file rather than adding it to the kernel entropy pool ? HOT 2
- 6.16: test suie runs forever HOT 2
- Change poolsize definition for recent Linux kernels? HOT 5
- Socket interface for hardware TRNGs HOT 7
- JITTER_OPT_TIMEOUT default value is too low HOT 4
- Coarse mixing of multiple entropy sources HOT 3
- xread_jitter bails out with EWOULDBLOCK in init_jitter_entropy_source (rngd_jitter.c) HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rng-tools.