[arch-general] haveged and Secure Cryptography

Kevin Chadwick ma1l1ists at yahoo.co.uk
Fri Jul 20 05:18:48 EDT 2012


> Does anyone know if haveged significantly affects things like
> truecrypt, cryptsetup, RSA, or SSL if you happen to leave the daemon
> running for long periods of time? I'm sure that it's always going to
> be "random enough", but I often make use of Archlinux in forensic
> environments involving encrypted disks and files or transferring
> things over SSL, so I do need to know if there is even a theoretical
> weakness in my environment in case my tools and methodologies are
> called into question.

If your task uses /dev/random then it blocks on low entropy conditions.
I believe that is the only time haveged fills the pool. So the question
becomes: if my device needs lots of entropy, is haveged as strong or
stronger than the Linux RNG, and does haveged (or can it be made to)
collect randomness when idle?

This fired across the android list recently and gives with its
references an idea of weaknesses in the Linux RNG. Were these
weaknesses happening at times of pool exhaustion or generally, I wonder?

https://factorable.net/paper.html

OpenBSD a year or two ago actually made all their random devices
link to the one because it incorporates haveged-like functionality and
more and with its RC4 cipher multiplies it to hundreds of megabytes of
good random data per second.

-- 
________________________________________________________

 Why not do something good every day and install BOINC.
________________________________________________________
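The point about /dev/random blocking on low entropy and haveged only being woken to refill the pool can be checked directly on a Linux box. The script below is an added example, not part of the original thread or of haveged itself: it reads the kernel's pool level (`/proc/sys/kernel/random/entropy_avail`) and the level at which the kernel wakes entropy feeders such as haveged or rngd (`/proc/sys/kernel/random/write_wakeup_threshold`), reports whether a /dev/random reader would stall, and says whether a haveged process is present to top the pool up. Both sysctl paths are real; the file-path parameters, the constructed sample files and the `haveged_running` helper are assumptions made for this example. Since Linux 5.6 /dev/random no longer blocks once the pool has been seeded, so on such kernels the reading is informational rather than a sign of stalled consumers.

```shell
#!/bin/sh
# Added example (not from the thread or from haveged): report how close the
# kernel entropy pool is to the level at which /dev/random readers used to
# block and at which haveged/rngd are woken to refill it.
#
# Assumptions: the pool level is exposed in
# /proc/sys/kernel/random/entropy_avail and the wake-up level in
# /proc/sys/kernel/random/write_wakeup_threshold. Paths are parameters so
# the logic can be exercised against constructed files.

# entropy_state AVAIL_FILE THRESHOLD_FILE
#   prints a one-line status and returns
#     0  pool at or above the wake-up threshold
#     1  pool below it: /dev/random would block on pre-5.6 kernels and the
#        kernel wakes haveged/rngd to refill
#     2  files unreadable or not numeric
entropy_state() {
    avail=$(cat "$1" 2>/dev/null) || return 2
    thresh=$(cat "$2" 2>/dev/null) || return 2
    for v in "$avail" "$thresh"; do
        case "$v" in ''|*[!0-9]*) return 2 ;; esac
    done
    if [ "$avail" -lt "$thresh" ]; then
        echo "low: $avail bits available, below wakeup threshold $thresh"
        return 1
    fi
    echo "ok: $avail bits available (threshold $thresh)"
    return 0
}

# haveged_running
#   returns 0 if a process named haveged exists (scans /proc/*/comm so it
#   needs no pgrep); assumed helper for this example.
haveged_running() {
    for f in /proc/[0-9]*/comm; do
        [ -r "$f" ] && [ "$(cat "$f" 2>/dev/null)" = "haveged" ] && return 0
    done
    return 1
}

# Stand-alone run: inspect the live kernel pool when /proc is available.
if [ -r /proc/sys/kernel/random/entropy_avail ]; then
    rc=0
    entropy_state /proc/sys/kernel/random/entropy_avail \
                  /proc/sys/kernel/random/write_wakeup_threshold || rc=$?
    if [ "$rc" -eq 1 ]; then
        if haveged_running; then
            echo "haveged is running and will be woken to top up the pool"
        else
            echo "no haveged process found; /dev/random consumers may stall"
        fi
    fi
fi
```

Run it as root or any user (both files are world-readable) while a long /dev/random consumer is active; a persistent "low" line with no haveged process is the blocking condition the post describes, and a "low" line with haveged present shows the daemon being woken only on demand rather than collecting continuously.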
