Re: TPMs and random numbers

From: JÃrn Engel
Date: Thu Sep 12 2013 - 19:58:29 EST

Next message: Prarit Bhargava: "Re: [PATCH] hpet, allow user controlled mmap for user processes"
Previous message: Andy Lutomirski: "Re: TPMs and random numbers"
In reply to: Andy Lutomirski: "Re: TPMs and random numbers"
Next in thread: Theodore Ts'o: "Re: TPMs and random numbers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 12 September 2013 16:51:15 -0700, Andy Lutomirski wrote:
>
> Supposedly, the Linux entropy pool has the property that mixing in
> even actively malicious data is no worse than not mixing in anything
> at all.

It is worse in three ways:
- it costs performance,
- it may create a false sense of safety and
- it actively does harm if we credit it as entropy.

How much weight you assign to each of those is up to you. So long as
we don't credit any of it as entropy, I am not too adverse to mixing
it in. But I can equally see benefit in burning the bridges.

JÃrn

--
There are two ways of constructing a software design: one way is to make
it so simple that there are obviously no deficiencies, and the other is
to make it so complicated that there are no obvious deficiencies.
-- C. A. R. Hoare
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Prarit Bhargava: "Re: [PATCH] hpet, allow user controlled mmap for user processes"
Previous message: Andy Lutomirski: "Re: TPMs and random numbers"
In reply to: Andy Lutomirski: "Re: TPMs and random numbers"
Next in thread: Theodore Ts'o: "Re: TPMs and random numbers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]