by __alexs 4717 days ago
The comments about RdRand being impossible to verify because it's on-chip seem quite reasonable. (Although Intel have tried to be quite open about how it works: https://sites.google.com/site/intelrdrand/references)

I have no idea if RdRand is the only source of entropy for /dev/urandom in the kernel these days, but that does seem quite silly. Especially as RdRand is documented as having two error conditions: not enough entropy, and that the hardware appears to be broken.

In any case, here's the LKML thread where it was merged, too: http://thread.gmane.org/gmane.linux.kernel/1173350

1 comment

> I have no idea if RdRand is the only source of entropy for /dev/urandom in the kernel these days but that does seem quite silly

If I understand correctly, the idea is to use RdRand to feed the entropy pool (which is also fed by other noise)[1] from which urandom pulls. So it doesn't seem RdRand would be the sole source of entropy if it were to be used in this context.

[1] http://linux.die.net/man/4/urandom

Most servers do not have any serious source of randomness (unless you buy another hardware RNG), which is partly why these were introduced (Intel used to have a motherboard RNG, and VIA had on-CPU ones years back).

You can buy one of these (http://www.entropykey.co.uk/), which are unlikely to be NSA "certified", instead.
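The point made in the reply above, that RdRand feeds a pool which other noise also feeds rather than being urandom's sole source, and the documented RdRand failure cases from the parent comment, can be illustrated with a small simulation. This is an added example, not the kernel's code or anything from this thread: ScriptedRdrand is a constructed stand-in for the instruction, and extract() is a deliberately simplified model of hashing the pool and XORing hardware bytes on top.

```python
import hashlib

RDRAND_RETRIES = 10  # assumption: retry a handful of times before declaring the source failed

class ScriptedRdrand:
    """Stand-in for the RDRAND instruction (constructed for this example, not real
    hardware). Each call pops the next scripted result: 8 bytes on success, or None
    to model the documented failure case where no entropy is available."""
    def __init__(self, results):
        self.results = list(results)
        self.calls = 0

    def step(self):
        self.calls += 1
        return self.results.pop(0) if self.results else None

def read_hw_entropy(rng, retries=RDRAND_RETRIES):
    """Return 8 bytes from the hardware source, or None if it keeps failing.
    A caller that treats None as fatal has made the hardware RNG its only source."""
    for _ in range(retries):
        value = rng.step()
        if value is not None:
            return value
    return None

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def extract(pool_state, hw_bytes):
    """Simplified model of pool mixing: the output is a hash of the software-fed
    pool, and hardware bytes (if any) are XORed on top. Because the pool hash is
    present in every output, a dead or constant hardware source cannot make the
    output more predictable than the pool alone; it can only add to it."""
    out = hashlib.sha256(pool_state).digest()[:8]
    return xor_bytes(out, hw_bytes) if hw_bytes is not None else out

def demo():
    pool = b"interrupt timings, disk seeks, keyboard jitter"  # constructed pool contents
    healthy = read_hw_entropy(ScriptedRdrand([None, None, b"\x5a" * 8]))  # succeeds on 3rd try
    dead = read_hw_entropy(ScriptedRdrand([None] * 20))                   # never succeeds
    stuck = b"\x00" * 8  # a source that "works" but silently returns constants
    return {
        "healthy": extract(pool, healthy),
        "dead": extract(pool, dead),
        "stuck": extract(pool, stuck),
    }
```

The "dead" and "stuck" cases produce the same output as a pool with no hardware input at all, which is the property the reply relies on: the hardware source contributes, but the system does not depend on it.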