random(4) plugin infrastructure for mulitple RNG in a modular fashion
Fabien Thomas
fabient at freebsd.org
Fri Aug 9 07:46:25 UTC 2013
>>
>> On Aug 8, 2013, at 7:01 AM, Andrey Chernov wrote:
>>
>>> Many years ago I already suggest to de-modularize random (making it not
>>> optional), with fallback to yarrow if hardware RNGs can't be probed or
>>> not configured.
>>
>> I think that the 'fallback to yarrow' is necessary here.
>
> My current inclination is to make Yarrow the basic device (or "Fortuna Lite", but that is a problem for MUCH later), and make the hardware devices feed Yarrow, if they are present.
I also think this is the best option to have as a default:
- Keep a good software random
- Add more source of entropy at early boot
- Dont trust HW random (keep it as one probed source of seed)
User can choose to switch to pure HW random to replace SW.
A good source of information here:
http://th.informatik.uni-mannheim.de/people/lucks/papers/Ferguson/Fortuna.pdf
Fabien
More information about the freebsd-arch
mailing list