|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Hardware RNG support for EM64T systems
From: Sam Leffler (sam
errno.com)
Date: Sun Feb 19 2006 - 21:48:37 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Brett Lymn wrote:
> On Sun, Feb 19, 2006 at 09:44:13AM -0800, Sam Leffler wrote:
>> The thing about running a FIPS test is news to me :)
>>
>
> Regardless, it would be a Good Idea (tm) to perform some of the FIPS
> tests to ensure the RNG hardware at least looks functional rather than
> accepting a continuous stream of 0's (or 1's) as being "random". I
> don't mean do this continuously but from memory there are some startup
> tests defined by FIPS that are designed to detect malfunctioning
> RNG's.
>
If you want a one-shot deal you can do it from an rc script or maybe
from cron. My stuff interposed and allowed you to shutdown the source
if it saw things failing. You could configure how often it ran and what
tests had to pass etc. etc. man rndtest(4) on freebsd.
Sam
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]