Re: /dev/random5

To: debian-user@lists.debian.org
Subject: Re: /dev/random5
From: Zenaan Harkness <zen@freedbms.net>
Date: Sun, 3 Aug 2014 11:38:57 +1000
Message-id: <[🔎] CAOsGNSQ9jtSJYp0Mm0M_WDyK=q_KCJ+xjbvkP92fFiSK-=Zm_Q@mail.gmail.com>
In-reply-to: <[🔎] CAAr43iMqXUnnpZAPnPUtsx8yUL7q7t8fgW9dHNRqgBQUdp3T5w@mail.gmail.com>
References: <CAAr43iOVfxiZ+JFRNmQqV5JtUiYQOEcw1tuFL-r4rkHdj92SVw@mail.gmail.com> <[🔎] CAAr43iMqXUnnpZAPnPUtsx8yUL7q7t8fgW9dHNRqgBQUdp3T5w@mail.gmail.com>

On 8/3/14, Joel Rees <joel.rees@gmail.com> wrote:

> And it occurs to me in the morning that I forgot to explain Paul's
> question.
>
> As I understand it, he's asking whether any of us on the users list has
> anaylyzed the output of both /dev/random and /dev/urandom .  Not just
> whether any of us are having issues with blocking, but with the randomness
> as well.
>
> Unfortunately, the answer seems to be that none of us who understood the
> question seem to care enough to find out whether we have issues.
>
> I would like to have the time to look at the code in the debian repos
> versus the upstream,
> to get an idea what to test for, and actually look for
> entropy exhaustion cases and mitigations.

AIUI, there likely are no debian specific patches to the
Linux /dev/random code. Such changes/patches should
-definitely- be done in public, on the linux kernel list.

Debian has been embarrassingly caught out once before
with a crypto/random (kernel) patch which was carried by
debian and never went upstream, and which caused security
problems and did not fix them. That situation is hopefully
unlikely to be repeated.

I.e., the debian linux kernel /dev/random should be
identical to upstream.

What to look for? kernel mailing list discussions and lwn
articles. Eg:

Date: Thu, 23 Sep 2004 19:43:40 -0400
Subject: [PROPOSAL/PATCH] Fortuna PRNG in /dev/random
http://lwn.net/Articles/103653/

[PATCH] /dev/random: Insufficient of entropy on many architectures
[Posted September 17, 2013 by corbet]
http://lwn.net/Articles/567070/

On entropy and randomness
By Jake Edge, December 12, 2007
http://lwn.net/Articles/261804/

/dev/random cleanup
Date: Sat, 28 Sep 2002 00:50:40 -0500
http://lwn.net/Articles/11237/

On the safety of Linux random numbers
[Posted May 9, 2006 by corbet]
http://lwn.net/Articles/182874/

CPU Jitter RNG: inclusion into kernel crypto API and /dev/random
Date: Fri, 11 Oct 2013 20:38:51 +0200
http://lwn.net/Articles/570328/

Russell: Sources of Randomness for Userspace
[Posted March 29, 2012 by jake]
http://lwn.net/Articles/489489/

Holes in the Linux random number generator?
May 24, 2006 by Jake Edge
http://lwn.net/Articles/184925/

There are more.

Reply to:

References:
- Re: /dev/random5
  - From: Joel Rees <joel.rees@gmail.com>

Prev by Date: Re: Bug#736258: acpid won't stop, won't upgrade (systemd) - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736258
Next by Date: Re: Skype access cancelled for Debian versions before 7
Previous by thread: Re: /dev/random5
Next by thread: Re: /dev/random5
Index(es):
- Date
- Thread