tech-security archive

Re: Lightweight support for instruction RNGs



On Sat, Dec 19, 2015 at 04:42:54PM -0800, Alistair Crooks wrote:
> Have you tried running this with pkgsrc/math/dieharder? I'd be
> interested to see the results (the current version in pkgsrc -- 3.31.1
> -- is much better than the previous one, and displays its results in a
> much more useful way than previously). Not the be-all and end-all, but
> still worthwhile running it.

I have to ask, how would you hook it up and what exactly would be the
point?  If you want to run RDRAND output through dieharder, you don't
need to use the kernel for that -- the instruction is not a privileged
instruction.

And suppose you had a nasty tainted CPU where RDRAND actually just
fed you the output of AES-256 with a key known to the adversary.  That
output will pass statistical tests just fine -- all of them -- since
if the output of the cipher is distinguishable from truly random data
without knowledge of the key, that's a pretty good indicator there's
a problem with the cipher...

Thor
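The tainted-CPU scenario Thor describes, as an added example in Go that is not part of the original thread: a stand-in for RDRAND that emits AES-256-CTR keystream under a key the adversary already holds. Its output passes a byte-frequency chi-square test, as any sound cipher's output must, yet whoever holds the key regenerates the "random" bytes exactly. The key is a constructed placeholder, and `taintedRdrand` and `byteChiSquare` are names chosen here, not anything in NetBSD.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// adversaryKey stands in for the key baked into the hypothetical tainted CPU.
// Constructed placeholder (32 bytes selects AES-256), not a real secret.
var adversaryKey = bytes.Repeat([]byte("placeholder-key!"), 2)

// taintedRdrand models RDRAND on that CPU: n bytes of AES-256-CTR keystream
// from a counter starting at zero, so anyone holding the key can replay it.
func taintedRdrand(key []byte, n int) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only a wrong key length gets here
	}
	out := make([]byte, n) // encrypting zeros yields the raw keystream
	cipher.NewCTR(block, make([]byte, aes.BlockSize)).XORKeyStream(out, out)
	return out
}

// byteChiSquare compares byte-value frequencies against uniform (255 degrees
// of freedom; a statistic below about 311 passes at the 1% significance level).
func byteChiSquare(data []byte) float64 {
	var counts [256]int
	for _, b := range data {
		counts[b]++
	}
	expected, chi := float64(len(data))/256, 0.0
	for _, c := range counts {
		d := float64(c) - expected
		chi += d * d / expected
	}
	return chi
}

func main() {
	out := taintedRdrand(adversaryKey, 1<<20) // 1 MiB of "random" bytes
	fmt.Printf("chi-square over byte values: %.1f (uniform-looking if < ~311)\n", byteChiSquare(out))
	fmt.Println("key holder reproduces the stream:", bytes.Equal(out, taintedRdrand(adversaryKey, 1<<20)))
}
```

A full battery such as dieharder would pass this stream for the same reason the single test does; the defect is visible only to someone holding the key, which is why testing the output cannot certify the source.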
