diff options
author | FreeArtMan <dos21h@gmail.com> | 2016-09-23 00:18:38 +0100 |
---|---|---|
committer | FreeArtMan <dos21h@gmail.com> | 2016-09-23 00:18:38 +0100 |
commit | 27bd5b4c67df243ea5dcd11117bf9cd013294936 (patch) | |
tree | 6b51905d6ca5edd2c1884a709a43c50a816ff95b /md/writeup | |
parent | 7711f25852c8372ade16accfca50115af64e1951 (diff) | |
download | md-content-27bd5b4c67df243ea5dcd11117bf9cd013294936.tar.gz md-content-27bd5b4c67df243ea5dcd11117bf9cd013294936.zip |
kernel_dev_hwrng added intro
Diffstat (limited to 'md/writeup')
-rw-r--r-- | md/writeup/kernel_dev_hwrng.md | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/md/writeup/kernel_dev_hwrng.md b/md/writeup/kernel_dev_hwrng.md index 9812d0f..104b522 100644 --- a/md/writeup/kernel_dev_hwrng.md +++ b/md/writeup/kernel_dev_hwrng.md @@ -2,7 +2,14 @@ ## Intro -/* Could be not random at all */ +There is hardware that are can generate "randomness". It can be accesed trought +/dev/hwrng device. Funnies part of hardware random generator it could generate +anything. That why need to verify that data comming from /dev/hwrng. Good +advice is to use /dev/hwrng as additional entropy source. Why we dont trust +/dev/hwrng as random number souce? There is some articles about HW random +generators could be backdoored and could generate predictable values that why +as we cant verify HW design as its not opensourced we choose not to trust it. +In general if you belive in HW random generator you can use it. ## Switching hardware rng @@ -29,7 +36,6 @@ zero-rng ## Testing /dev/hwrng -/* Say basic usage of rng-tools */ There couple of ways how you can test if data is "random" enought. There is standarts like FIPS 140-2 with have criterias to check if data source is pseudo-random. And there is couple of implementations of it. You can get |