On 02/02/2013 02:49 PM, Björn Persson wrote: > Paolo Bonzini wrote: >> If you're talking about RDRAND, it doesn't hand out entropy. That's >> RDSEED, which will only come with Haswell. >> >> RDRAND only hands out random numbers. > > Huh? "Random numbers" is pretty much synonymous to "entropy" in the > cryptographic language I'm used to. > > Ah, according to this: > http://software.intel.com/en-us/blogs/2012/11/17/the-difference-between-rdrand-and-rdseed > RDRAND doesn't output random numbers, only pseudorandom numbers. I > suppose that's what you meant. Be careful here... Even RDRAND can be used to seed entropy (IMHO that's how rngd is using it) you just need to do more than just use it once. See http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/ namely part "4.4 Guaranteeing DBRG Reseeding" But RDSEED is designed to return entropy directly (just not available on recent CPUs). Milan -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
