tech-kern archive

Re: regarding the changes to kernel entropy gathering

Thor Lancelot Simon <> writes:

> shuts down, again all entropy samples that have been added (which, again,
> are accumulating in the per-cpu pools) are propagated to the global pool;
> all the stream RNGs rekey themselves again; then the seed is extracted.

It seems obvious to me that "extracting" the seed should be done in such
a way that the state of the internal rng is still unpredictable from the
saved seed, even if the state of the newly-booted rng will be
predictable.  Perhaps by pulling 256 bytes from urandom, perhaps by
something more direct and then some sort of hash/rekey to get back
traffic protection.

Probably this is already done in a way much better thought out than my
30s reaction. The man page doesn't really say this, at least that I
could follow; rndctl -S says "save entropy pool".
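
A sketch of the extract-then-rekey idea raised in the reply above, as an added example that is not part of the original message and is not NetBSD's code. `ToyRng`, the label strings and the choice of HMAC-SHA256 as the one-way function are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def derive(key: bytes, label: bytes) -> bytes:
    # One-way step: knowing the output does not reveal `key` or the
    # outputs for other labels (HMAC-SHA256 is an assumption of this sketch).
    return hmac.new(key, label, hashlib.sha256).digest()


class ToyRng:
    """Hypothetical stand-in for the kernel's internal RNG state."""

    def __init__(self, key: bytes):
        self._key = key

    def read(self, n: int) -> bytes:
        blocks = (n + 31) // 32
        out = b"".join(
            derive(self._key, b"out" + i.to_bytes(8, "big")) for i in range(blocks)
        )
        self._key = derive(self._key, b"rekey")  # rekey after each request
        return out[:n]

    def extract_seed(self) -> bytes:
        # The seed and the next live key are separate one-way outputs of the
        # old key, so the saved file says nothing about the running state.
        seed = derive(self._key, b"saved-seed")
        self._key = derive(self._key, b"rekey-after-save")
        return seed

    @classmethod
    def from_seed(cls, seed: bytes, fresh: bytes = b"") -> "ToyRng":
        # Boot: predictable from the seed alone unless fresh samples are mixed in.
        return cls(derive(seed, b"boot" + fresh))


if __name__ == "__main__":
    rng = ToyRng(os.urandom(32))
    seed = rng.extract_seed()              # what would be written to disk
    live = rng.read(16)                    # running system keeps going
    print("live output  :", live.hex())
    print("from seed    :", ToyRng.from_seed(seed).read(16).hex())
```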

