Re: [PATCH v1] crypto: Make the DRBG compliant with NIST SP800-90A rev1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This one really does keep coming back like yesterday's herring, doesn't it...

On June 23, 2021 10:00:29 AM PDT, James Morris <jamorris@xxxxxxxxxxxxxxxxxxx> wrote:
>On Wed, 23 Jun 2021, Stephan Mueller wrote:
>
>> 
>> > These changes replace the use of the Linux RNG with the Jitter RNG,
>> > which is NIST SP800-90B compliant, to get a proper entropy input
>and a
>> > nonce as defined by FIPS.
>> 
>> Can you please help me understand what is missing in the current code
>which
>> seemingly already has achieved this goal?
>
>The advice we have is that if an attacker knows the internal state of
>the 
>CPU, then the output of the Jitter RNG can be predicted.

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux