tech-crypto archive


Re: Patch: rework kernel random number subsystem

Thor Lancelot Simon wrote:

> On Sat, Oct 22, 2011 at 01:53:39PM +1100, Simon Burge wrote:
> > Thor Lancelot Simon wrote:
> > 
> > >      *When these generators are rekeyed, the 'rngtest' test is run
> > >      on their output and the kernel will panic if it fails.*  It
> > >      is not the long-term intent to panic on a rngtest failure,
> > >      but rather to rekey; but this is a good way to detect bugs in
> > >      the implementation (see below).
> > 
> > Can this panic behaviour be sysctl'able or #ifdef'd, and default to not
> > do that?  It seems like a very large sledgehammer to use.  I suspect
> > there'll be a large class of users who wouldn't expect a panic simply
> > because they asked for a random number and it found a bug in your
> > implementation.
>
> Isn't that question already answered above?  "It is not the long-term
> intent to panic on a rngtest failure, but rather to rekey".
> [[ snip ]]
> In any case, once this code is stable, as I said in my original message,
> I will adjust it so that it does not panic on a statistical RNG test
> failure.  For now, the test finds bugs, so I think it has considerable
> value as it is.

It isn't obvious from either of your messages if you want to commit
that patch to the source tree before or after the rekey portion was
implemented.  My point is that there will be some (many? most?)
users who care more for a stable system than one that can give
cryptographically strong random numbers but panic because of the
implementation of the random number generator.

