[Ach] removed outdated info on Linux RNG / haveged

Hanno Böck hanno at hboeck.de
Sun May 7 14:13:00 CEST 2017


Hi Aaron,

While I generally agree that using urandom is good advice, there is a
serious problem that the Heninger paper points out: Early boot time
entropy.

There used to be no easy fix, but now there is: The getrandom()
function supports a mode that will block if the RNG hasn't been seeded
yet, but will not block afterwards.
(there is a fake way of achieving the same: Read one byte
from /dev/random and afterwards from /dev/urandom)

getrandom() is only available with relatively recent kernels and very
recent glibc. But I think this is the future solution. It also avoids
situations where applications may not be allowed to access /dev/.

Ideally I'd like to see getrandom become a de-facto standard and
adopted by other OSes.


-- 
Hanno Böck
https://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
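The getrandom() behaviour described in the mail (block only until the kernel pool is seeded, never afterwards, and never touch /dev/), as an added example that is not part of the original message. It assumes Linux 3.17 or later and a glibc (2.25 or later) that ships the getrandom() wrapper in <sys/random.h>.

```c
#include <errno.h>
#include <stdlib.h>
#include <sys/random.h>

/* Returns 1 if the kernel pool has been initialised, 0 if getrandom()
 * would still block waiting for early-boot entropy, -1 on another error.
 * GRND_NONBLOCK turns the "wait for seeding" into an EAGAIN we can test. */
int rng_is_seeded(void)
{
    unsigned char probe;
    ssize_t r = getrandom(&probe, 1, GRND_NONBLOCK);
    if (r == 1)
        return 1;
    if (r < 0 && errno == EAGAIN)
        return 0;
    return -1;
}

/* Fills buf with len bytes. flags == 0 is the mode the mail describes:
 * block only until the pool is seeded, then behave like urandom.
 * Handles short reads (possible for len > 256) and EINTR.
 * Returns 0 on success, -1 on failure. */
int fill_random(void *buf, size_t len)
{
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t r = getrandom(p, len, 0);
        if (r < 0) {
            if (errno == EINTR)
                continue;           /* interrupted by a signal: retry */
            return -1;
        }
        p += r;
        len -= (size_t)r;
    }
    return 0;
}

/* Self-check: fetch n bytes and return 1 if the call succeeded and the
 * output is not all zero (a cheap sanity check, not a randomness test). */
int random_selftest(size_t n)
{
    unsigned char *buf = calloc(n, 1);
    if (!buf || fill_random(buf, n) != 0) { free(buf); return 0; }
    int nonzero = 0;
    for (size_t i = 0; i < n; i++)
        nonzero |= buf[i];
    free(buf);
    return nonzero != 0;
}
```

On a running system rng_is_seeded() returns 1 almost immediately; the 0 case is what an early-boot daemon would see, and calling fill_random() there is exactly the blocking-until-seeded behaviour the mail recommends.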