summaryrefslogtreecommitdiff
path: root/md
diff options
context:
space:
mode:
authorFreeArtMan <dos21h@gmail.com>2021-06-21 22:16:22 +0100
committerFreeArtMan <dos21h@gmail.com>2021-06-21 22:16:22 +0100
commit6183d8ffaafd4ab7ee11b5662ae22e815b3cf476 (patch)
treec7d9da8d9ceb626554865914cd7dd99c780a4ea4 /md
parent0ab4ab1ef46d6696243ce5a57a4008eebfde1b20 (diff)
downloadmd-content-6183d8ffaafd4ab7ee11b5662ae22e815b3cf476.tar.gz
md-content-6183d8ffaafd4ab7ee11b5662ae22e815b3cf476.zip
Update /dev/hwrng article
Diffstat (limited to 'md')
-rw-r--r--md/writeup/kernel_dev_hwrng.md9
1 files changed, 8 insertions, 1 deletions
diff --git a/md/writeup/kernel_dev_hwrng.md b/md/writeup/kernel_dev_hwrng.md
index b5e496a..d632652 100644
--- a/md/writeup/kernel_dev_hwrng.md
+++ b/md/writeup/kernel_dev_hwrng.md
@@ -10,7 +10,14 @@ advice is to use /dev/hwrng as additional entropy source. Why we dont trust
/dev/hwrng as random number source? There is some articles about HW random
generators could be backdoored and could generate predictable values that why
as we cant verify HW design as its not open sourced we choose not to trust it.
-In general if you believe in HW random generator you can use it.
+In general if you trust in HW random generators you can use them, but for security
+you better not trust them as there is no way to verify on your side if there is no
+backdoors, so use default secure linux implementation.
+
+First code example is introducing crypto subsystem of linux and how to use it, by
+creating "random" generator that generates zeros. Second example is utilise Intel
+builtin random generator and instruction __rdrand__.
+
## Switching hardware rng