[prev in list] [next in list] [prev in thread] [next in thread]
List: cryptography
Subject: Re: [Cryptography] OpenSSL CSPRNG work
From: Ondrej Mikle <ondrej.mikle () gmail ! com>
Date: 2017-07-10 22:44:00
Message-ID: 571daa31-f570-05f8-604b-895912fb5504 () gmail ! com
[Download RAW message or body]
On 07/08/2017 05:38 PM, Theodore Ts'o wrote:
>
> That was on an Intel architecture. The architectures I'm most
> concerned about are ARM and MIPS, some of which don't have a
> high-resolution timer, nor a cycle counter, nor RDRAND.
>
> And cheap-sh*t rounters tend not be to be using x86. Nor do the $40
> Android tablets you can pick up at Shenzhen market. I'm not sure how
> many of the cheap-sh*t routers are using glibc, though. They may all
> be using some other C library in which case maybe it doesn't matter to
> you....
I've tackled this for Turris and Turris Omnia routers. We added RNG for ~ $1
(and it was not that great of a RNG). The point being, if your shitty router has
nowhere to get entropy from, there's no help. You either provide some seed at
factory or rely on on RNG that is onboard.
OM
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic