[Bug 890589] New: Review Request: csprng - Entropy source using the cryptographically secure pseudo-random number generator

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Product: Fedora
https://bugzilla.redhat.com/show_bug.cgi?id=890589

            Bug ID: 890589
           Summary: Review Request: csprng - Entropy source using the
                    cryptographically secure pseudo-random number
                    generator
           Product: Fedora
           Version: rawhide
         Component: Package Review
          Severity: medium
          Priority: medium
          Reporter: hladky.jiri@xxxxxxxxx

Spec URL: http://jhladky.fedorapeople.org/csprng.spec
SRPM URL: http://jhladky.fedorapeople.org/csprng-1.1.1-0.fc16.src.rpm
Description: 
The csprng project provides cryptographically secure pseudo-random number
generator. It consists of

* C library
* csprng-generate utility to generate stream of random numbers written to file
or to STDOUT
* Linux daemon csprngd to fill entropy of Linux kernel random device
/dev/random 

It combines these three components to provide a high quality cascade random
number generator:

* HAVEGE hardware random number generator. HAVEGE combines on-the-fly hardware
volatile entropy gathering with pseudo-random number generation. The internal
state of HAVEGE includes thousands of internal volatile hardware states of the
CPU and is merely unmonitorable. The CPU intern states include caches, branch
predictors, TLBs, long pipelines, instruction level parallelism, ... The state
of these components is not architectural (i.e. the result of an ordinary
application does not depend on it), it is also volatile and cannot be directly
monitored by the user. Every invocation of the operating system modifies
thousands of these binary volatile states.

* Cryptographically secure pseudo-random number generator (CSPRNGD): block
cipher AES-128 working in the counter mode based Deterministic Random Bit
Generator as defined by NIST SP800-90 document

* Run-time random number statistical testing and verification as defined
by FIPS PUB 140-2
  * Monobit test
  * Poker test
  * Runs test
  * Long run test
  * Continuous run test

Fedora Account System Username:jhladky

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=7ooVZmXm2q&a=cc_unsubscribe
_______________________________________________
package-review mailing list
package-review@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/package-review
[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]