FreeBSD Developers Will Not Trust Chip-Based Encryption - Slashdot

Become a fan of Slashdot on Facebook

×

FreeBSD Developers Will Not Trust Chip-Based Encryption 178

Posted by Soulskill on Wednesday December 11, 2013 @05:05PM from the fool-me-once,-shame-on-you dept.

New submitter srobert writes "An article at Ars Technica explains how, following stories of NSA leaks, FreeBSD developers will not rely solely on Intel's or Via's chip-based random number generators for /dev/random values. The values will first be seeded through another randomization algorithm known as 'Yarrow.' The changes are effective with the upcoming FreeBSD 10.0 (for which the first of three planned release candidates became available last week)."

This discussion has been archived. No new comments can be posted.

FreeBSD Developers Will Not Trust Chip-Based Encryption

Search 178 Comments Log In/Create an Account

Comments Filter:

Re: what's that going to accomplish? (Score:5, Informative)

by Anonymous Coward writes: on Wednesday December 11, 2013 @05:24PM (#45664045)

https://www.schneier.com/yarrow-qa.html
your ignorance is unjustifiable

Parent Share
twitter facebook
Re:Is there any way to gain trust in a chip? (Score:3, Informative)

by Anonymous Coward writes: on Wednesday December 11, 2013 @05:37PM (#45664191)

Black box? No. Even if testing proved it was absolutely random for the first N numbers, there is no way to be certain that N+1 is not the first of a string of non-random numbers.
But it's not necessary to make it a black box. Physical systems take well known phenomena and use them to to generate random numbers. http://en.wikipedia.org/wiki/Random_number_generation#Physical_methods Done this way, you can make a "transparent box" that performs great and is trustworthy.

Parent Share
twitter facebook
FYI, Linux did this 18 months ago (Score:5, Informative)

by swillden ( 191260 ) writes: <shawn-ds@willden.org> on Wednesday December 11, 2013 @05:51PM (#45664333) Journal

One of the first things Ted Ts'o did when he took back maintainership of /dev/random in Linux was to stop depending solely on the hardware RNG.
https://plus.google.com/117091380454742934025/posts/SDcoemc9V3J?e

Share
twitter facebook
Re:Very Smart Move (Score:2, Informative)

by smash ( 1351 ) writes: on Wednesday December 11, 2013 @09:06PM (#45666463) Homepage Journal

Ah, but Linus has called such claims nonsense [theregister.co.uk].
FreeBSD for me, thanks.

Parent Share
twitter facebook
Re:Very Smart Move (Score:5, Informative)

by Anonymous Coward writes: on Wednesday December 11, 2013 @09:45PM (#45666793)

I take it you didn't even actually read what he said, then.
Linus Torvalds responds:
Where do I start a petition to raise the IQ and kernel knowledge of people?
Guys, go read drivers/char/random.c. Then, learn about cryptography. Finally, come back here and admit to the world that you were wrong.
Short answer: we actually know what we are doing. You don't.
Long answer: we use rdrand as _one_ of many inputs into the random pool, and we use it as a way to _improve_ that random pool. So even if rdrand were to be back-doored by the NSA, our use of rdrand actually improves the quality of the random numbers you get from /dev/random.
Really short answer: you're ignorant.
TL;DR: Linux was NOT trusting chips and doing a variant of what FreeBSD plans to do now since quite a bit before.

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

390 comments32-Hour Workweek for America Proposed by Senator Bernie Sanders
358 commentsWhat Should Happen to Empty Downtown Office Spaces?
340 commentsHacktivism Erupts In Response To Hamas-Israel War
324 comments'Feedback' Is Now Too Harsh. The New Word is 'Feedforward'
248 commentsWorkers are Resisting Calls to Return to Offices

"Here's something to think about: How come you never see a headline like `Psychic Wins Lottery.'" -- Comedian Jay Leno