These seem like really good mitigations to make a userland RNG safe. But it makes me wonder why they don't just use a kernel RNG. https://aws.amazon.com/blogs/opensource/better-random-number-generation-for-openssl-libc-and-linux-mainline/
The third mitigation still seems to rely on kernel support, so it still seems like auditing and replacing the kernel RNG is in scope.
For now it's easier - Linux won't break a userspace guarantee, so the madvise option is reliable, but an SP800-90A DRBG may come to Linux soon in the form of http://www.chronox.de/lrng.html , http://www.chronox.de/lrng/doc/lrng.pdf
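The "madvise option" mentioned above is, in this added example (not code from the thread or from the AWS project), assumed to mean `MADV_WIPEONFORK` (Linux 4.14+): the kernel zeroes the advised anonymous pages in the child after `fork()`, so a userspace DRBG whose state lives in such a page cannot hand the same output to parent and child. The example keeps a seeded flag and the owning pid in the wiped page, checks both before generating, and forks once to show what the child observes; the pid comparison is a fallback for kernels that reject the flag. The reseed source (`/dev/urandom`) and the struct layout are constructed for the demonstration.

```c
// Fork-safe userspace RNG state using MADV_WIPEONFORK (added example, not the
// thread's or the project's code). The kernel zeroes the advised page in the
// child after fork(), so stale DRBG state can never be reused there.
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef MADV_WIPEONFORK
#define MADV_WIPEONFORK 18 /* value from Linux uapi mman-common.h, for old libc headers */
#endif

/* Constructed state layout: everything needed to answer "am I still the
   process that seeded this?" lives inside the page that gets wiped. */
struct rng_state {
    uint64_t seeded;          /* nonzero once seeded; 0 after a wipe */
    uint64_t owner_pid;       /* pid that performed the last seed */
    unsigned char key[32];    /* DRBG key material (placeholder) */
};

/* Map the state into its own anonymous page and request wipe-on-fork.
   *wipe_supported is set to 0 if the kernel rejects the advice. */
static struct rng_state *rng_state_alloc(int *wipe_supported) {
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return NULL;
    *wipe_supported = (madvise(p, pagesz, MADV_WIPEONFORK) == 0);
    return (struct rng_state *)p;
}

/* Seed from the kernel RNG. /dev/urandom stands in for getrandom() here. */
static int rng_seed(struct rng_state *st) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(st->key, 1, sizeof st->key, f);
    fclose(f);
    if (got != sizeof st->key) return -1;
    st->seeded = 1;
    st->owner_pid = (uint64_t)getpid();
    return 0;
}

/* Called before every generate(): either the kernel wiped the page (seeded
   == 0) or, as a fallback, the pid no longer matches the seeding process. */
static int rng_needs_reseed(const struct rng_state *st) {
    return st->seeded == 0 || st->owner_pid != (uint64_t)getpid();
}

/* Fork once and report what the child sees.
   Returns 2 if the child found the page wiped by the kernel,
           1 if the page survived but the pid fallback flagged a reseed,
          -1 on error or if the parent's own state was disturbed. */
int demo_fork_detection(void) {
    int wipe_supported = 0;
    struct rng_state *st = rng_state_alloc(&wipe_supported);
    if (!st || rng_seed(st) != 0) return -1;

    int fds[2];
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Child: bit 1 = page zeroed, bit 0 = reseed check fired. */
        unsigned char zero[sizeof st->key] = {0};
        int wiped = (st->seeded == 0 && memcmp(st->key, zero, sizeof zero) == 0);
        unsigned char msg = (unsigned char)((wiped << 1) | rng_needs_reseed(st));
        if (write(fds[1], &msg, 1) != 1) _exit(1);
        _exit(0);
    }
    close(fds[1]);
    unsigned char msg = 0;
    ssize_t r = read(fds[0], &msg, 1);
    close(fds[0]);
    waitpid(pid, NULL, 0);

    /* The parent's state must be untouched: wipe-on-fork affects the child only. */
    int parent_ok = !rng_needs_reseed(st);
    munmap(st, (size_t)sysconf(_SC_PAGESIZE));
    if (r != 1 || !parent_ok) return -1;
    if (msg & 2) return 2;
    if (msg & 1) return 1;
    return -1;
}

int main(void) {
    int rc = demo_fork_detection();
    printf("fork detection result: %d (2 = kernel wiped page, 1 = pid fallback)\n", rc);
    return rc > 0 ? 0 : 1;
}
```

A real DRBG would reseed on the spot when `rng_needs_reseed()` fires; the point of the wiped page is that the check cannot be fooled by pid reuse, because the kernel, not the library, clears the state.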
Reason 3: We use OpenSSL/BoringSSL libcrypto for some operations, and wanted to over-ride its internal RNG with something we understood. Glad we're converging now!