Self Introduction
Nikos Mavrogiannopoulos
nmav at redhat.com
Mon Jan 6 11:16:44 UTC 2014
On Sun, 2014-01-05 at 21:38 +0100, Jan Tulak wrote:
> I'm also developing it (https://github.com/BroukPytlik/RdRand).
> ReadMe still needs to be filled with reasonable texts, I have to copy it from
> man pages (why write the same things twice). :-)
>
> About the security concerns... I have done some statistical testing of it
> (PractRand, TestU01) and even after many terabytes on four machines it didn't
> found anything suspicious.
> So I would not used it directly for something important (closed things are
> closed things, and with NSA paying to RSA for backdoors...), but for casual
> usage or as one of more entropy sources (or as a seed for a CSPRNG) it can
> work pretty well.
> My package is including the C library and also a simple application usable by
> users directly (i.e. usable in shell scripts) if they do not want to pull data
> from /dev/[u]random.
Hello and welcome. Some questions based on your description of rdrand.
How would you expect someone to use this library? I mean if /dev/urandom
is more portable why use the rdrand tool or library? Also how does your
project relates to rng-tools that do use the hardware generator to
feed /dev/random?
regards,
Nikos
More information about the devel
mailing list