|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Hardware RNG support for EM64T systems
From: Steven M. Bellovin (smb
cs.columbia.edu)
Date: Sun Feb 19 2006 - 10:41:44 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
In message <20060219155115.GA29962panix.com>, Thor Lancelot Simon writes:
>
>A major problem with our /dev/random implementation is that it obscures
>the actual input data while doing no testing at all to ensure that it is
>actually random. It is a very bad idea to leave known-questionable
>sources -- particularly ones with high data rates -- connected to it!
Some random number generators have a self-test mode that verifies that
the device is working to at least some extent. Does this one?
That said, the page you cite indicates that Linux (and possibly
FreeBSD) run a FIPS randomness test on what they find. That's a very
good idea in any event.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]