On Sat, Apr 18, 2015 at 04:04:14AM +0200, Stephan Mueller wrote:
>
> However, the only serious solution I can offer to not block is to use my
> Jitter RNG which delivers entropy in (almost all) use cases. See [1]. The
> code
> is relatively small and does not have any dependencies. In this case
On Saturday, 18 April 2015 at 09:36:18, Herbert Xu wrote:
Hi Herbert,
> On Sat, Apr 18, 2015 at 03:32:03AM +0200, Stephan Mueller wrote:
> > In any case, I am almost ready with the patch for an async seeding.
> > Though, I want to give it a thorough testing.
>
> I don't see the point of async see
On Sat, Apr 18, 2015 at 03:32:03AM +0200, Stephan Mueller wrote:
>
> In any case, I am almost ready with the patch for an async seeding. Though, I
> want to give it a thorough testing.
I don't see the point of async seeding, unless you're also making
all generate calls block until the seeding is
On Saturday, 18 April 2015 at 09:27:44, Herbert Xu wrote:
Hi Herbert,
> On Fri, Apr 17, 2015 at 03:22:56PM +0200, Stephan Mueller wrote:
> > > The only reason someone would use this is to comply with the
> > > standard and this is what the standard requires so I don't see
> > > how we can do anyth
On Fri, Apr 17, 2015 at 03:22:56PM +0200, Stephan Mueller wrote:
>
> > The only reason someone would use this is to comply with the
> > standard and this is what the standard requires so I don't see
> > how we can do anything else.
>
> I do not see a definite quality requirement of the seed source
On Friday, 17 April 2015 at 21:11:37, Herbert Xu wrote:
Hi Herbert,
> On Fri, Apr 17, 2015 at 02:48:51PM +0200, Stephan Mueller wrote:
> > Do you really think that this is possible? If the DRBG becomes the stdrng,
> > you would imply that those callers (e.g. IPSEC) may suffer from a long
> > blo
On Fri, Apr 17, 2015 at 02:48:51PM +0200, Stephan Mueller wrote:
>
> Do you really think that this is possible? If the DRBG becomes the stdrng,
> you
> would imply that those callers (e.g. IPSEC) may suffer from a long block (and
> with long I mean not just seconds, but minutes).
It's only 49 b
On Friday, 17 April 2015 at 10:14:30, Herbert Xu wrote:
Hi Herbert,
> On Fri, Apr 17, 2015 at 03:19:17AM +0200, Stephan Mueller wrote:
> > 1. during initialization of a DRBG instance, seed from get_random_bytes to
> > have a DRBG state that is seeded and usable.
>
> I think we either need to us
On Fri, Apr 17, 2015 at 03:19:17AM +0200, Stephan Mueller wrote:
>
> 1. during initialization of a DRBG instance, seed from get_random_bytes to
> have a DRBG state that is seeded and usable.
I think we either need to use real entropy and block, or mark
the DRBG unusable until such a time that it
On Thursday, 16 April 2015 at 19:11:18, Andreas Steffen wrote:
Hi Andreas,
> Hi Stephan,
>
> in my opinion you definitively have to seed the DRBG with true
> entropy from /dev/random. This is what we are currently doing
> in userland with the strongSwan DRBG needed for the post-quantum
> NTRU-
Hi Stephan,
in my opinion you definitively have to seed the DRBG with true
entropy from /dev/random. This is what we are currently doing
in userland with the strongSwan DRBG needed for the post-quantum
NTRU-based key exchange algorithm. The NIST SP800-90A spec defines
a parameter which estimates
On Thursday, 16 April 2015 at 23:26:18, Herbert Xu wrote:
Hi Herbert,
> On Thu, Apr 16, 2015 at 05:07:20PM +0200, Stephan Mueller wrote:
> > I do not see a specific requirement in SP800-90A about the quality of the
> > noise source.
>
> Well it explicitly says that you cannot use a DRBG. In the wo
On Thu, Apr 16, 2015 at 05:07:20PM +0200, Stephan Mueller wrote:
>
> I do not see a specific requirement in SP800-90A about the quality of the
> noise source.
Well it explicitly says that you cannot use a DRBG. In the worst
case get_random_bytes is completely deterministic.
> That said, I alre
On Thursday, 16 April 2015 at 22:36:17, Herbert Xu wrote:
Hi Herbert,
> Hi Stephan:
>
> Currently DRBG is seeded with entropy from get_random_bytes.
> However, get_random_bytes is basically the kernel version of
> /dev/urandom. So there is no guarantee that you're actually
> getting the amount of e