Proposed F19 Feature: Virtio RNG

Milan Broz mbroz at redhat.com
Mon Feb 4 12:28:58 UTC 2013


On 02/02/2013 02:49 PM, Björn Persson wrote:
> Paolo Bonzini wrote:
>> If you're talking about RDRAND, it doesn't hand out entropy.  That's
>> RDSEED, which will only come with Haswell.
>>
>> RDRAND only hands out random numbers.
> 
> Huh? "Random numbers" is pretty much synonymous to "entropy" in the
> cryptographic language I'm used to.
> 
> Ah, according to this:
> http://software.intel.com/en-us/blogs/2012/11/17/the-difference-between-rdrand-and-rdseed
> RDRAND doesn't output random numbers, only pseudorandom numbers. I
> suppose that's what you meant.

Be careful here...

Even RDRAND can be used to seed entropy (IMHO that's how rngd is using it);
you just need to do more than just use it once.

See http://software.intel.com/en-us/articles/intel-digital-random-number-generator-drng-software-implementation-guide/
namely part "4.4 Guaranteeing DRBG Reseeding"

But RDSEED is designed to return entropy directly (just not available on recent CPUs).

Milan


