Re: regarding the changes to kernel entropy gathering

To: RVP <rvp%SDF.ORG@localhost>
Subject: Re: regarding the changes to kernel entropy gathering
From: Taylor R Campbell <riastradh%NetBSD.org@localhost>
Date: Sun, 4 Apr 2021 23:16:51 +0000

> Date: Sun, 4 Apr 2021 21:24:56 +0000 (UTC)
> From: RVP <rvp%SDF.ORG@localhost>
> 
> I think running the /dev/random bit-stream through some statistical
> tests, (both on RDRAND/RDSEED-based and estimator-based as in your
> patch) would be useful here.

No, because the output of /dev/random and /dev/urandom is the output
of a pseudorandom number generator that meets modern standards of
security.

If anyone had _ever_ published statistical tests that the PRNG failed
in a detectable way, then (a) this would be an earthshattering
development in the cryptography literature, which would be hotly
discussed in much more significant forums than NetBSD mailing lists,
and (b) we would stop using this PRNG and switch to another one.

(Device-dependent health tests do make sense in the HWRNG device
driver, to detect broken devices before we treat them as having
entropy, which is why we do them wherever we can, e.g. to detect the
AMD RDRAND bugs.)

Follow-Ups:
- Re: regarding the changes to kernel entropy gathering
  - From: RVP

References:
- Re: regarding the changes to kernel entropy gathering
  - From: RVP

Prev by Date: Re: regarding the changes to kernel entropy gathering
Next by Date: Re: regarding the changes to kernel entropy gathering
Previous by Thread: Re: regarding the changes to kernel entropy gathering
Next by Thread: Re: regarding the changes to kernel entropy gathering
Indexes:

Home | Main Index | Thread Index | Old Index