DRBG seeding
[Posted April 29, 2015 by jake]
From: Herbert Xu <herbert-AT-gondor.apana.org.au>
To: Stephan Mueller <smueller-AT-chronox.de>
Subject: DRBG seeding
Date: Thu, 16 Apr 2015 22:36:17 +0800
Message-ID: <20150416143617.GA17178@gondor.apana.org.au>
Cc: Linux Crypto Mailing List <linux-crypto-AT-vger.kernel.org>

Hi Stephan:

Currently DRBG is seeded with entropy from get_random_bytes.
However, get_random_bytes is basically the kernel version of
/dev/urandom. So there is no guarantee that you're actually
getting the amount of entropy required.

Are you sure this is compliant with the DRBG specification?

Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt