[Ach] Recomendation on haveged in Bettercrypto chapter 3.3.3
Maciej Soltysiak
maciej at soltysiak.com
Wed Apr 29 13:37:51 CEST 2015
Dear list,
First of all thanks to all contributors of Bettercrypto.org - it's great
and I've been using often and promoting it to some people.
I wanted to ask about one recomendation give in chapter 3.3.3 on haveged.
Haveged is suggested for increasing the kernel entropy pool to improve the
RNG quality.
Now, I've been using haveged in a few places with success, but I recently
have read something that has changed my view on it. It was this article: [1]
The author writes quite convincingly that low entropy does not matter; that
there is no count of entropy, but an estimate and given the fact that in
actuality /dev/random and /dev/urandom are fed by the same CSPRNG, the only
difference is that /dev/random blocks and /dev/urandom is - given the
computational security we're aiming to get - a safe bet.
Therefore, when I asked about it [2] I was suggested that haveged is only a
waste of resources. That made me go back to bettercrypto and think whether
it's good to add a note that haveged is sometimes proposed, but it's not
improving the security of crypto using the RNGs. If you suffer from
/dev/random blocking, use /dev/urandom. Period. No benefit in using
/dev/random and feeding entropy.
Of course, I'm far from being authority, I'm just wearing a sysadmin hat
here and asking around.
[1] http://www.2uo.de/myths-about-urandom/
[2] https://twitter.com/veorq/status/591753646104322050
Best regards,
Maciej
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20150429/0c3de600/attachment.html>
More information about the Ach
mailing list