Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Random number generator failure in Rasperri Pis?

Andy Isaacson adi at hexapodia.org
Fri Jul 19 10:42:00 PDT 2013


On Fri, Jul 19, 2013 at 01:17:51PM +0100, Michael Rogers wrote:
> On 19/07/13 13:03, KheOps wrote:
> > Just came accross this article, apparently showing the bad quality
> > of the hardware RNG in Raspberri Pi devices.
> > 
> > http://scruss.com/blog/2013/06/07/well-that-was-unexpected-the-raspberry-pis-hardware-random-number-generator/
> >
> >  Quite interesting since (pseudo-) random numbers are heavily used
> > in crypto. Interesting also to see another post on this topic,
> > after the study of a random number generation procedure formerly
> > used in Cryptocat and that was also problematic.
> 
> Is that what the article shows? Looks to me like the Raspberry Pi's
> hardware RNG (/dev/hwrng) is being held up as an example of 'good
> randomness' in contrast to the RANDU algorithm's 'bad randomness'.

Regardless of the quality of the HW RNG on RPI, it's not good to expose
the entropy directly to userspace in /dev/hwrng.  Rather, the RPI kernel
should mix the entropy into the kernel entropy pool and apps should use
/dev/random to get high-quality entropy mixed from all available entropy
sources.  That way even if an attacker has a backdoor to the HW RNG,
the user still has a second line of defense due to the other
unpredictable data mixed into the same pool.

-andy



More information about the liberationtech mailing list