[Whonix-devel] Fwd: Re: secure random: kernel and mountall early use of entropy for what?
adrelanos at riseup.net
Mon Feb 15 22:24:37 CET 2016
-------- Forwarded Message --------
Subject: Re: secure random: kernel and mountall early use of entropy for
Date: Mon, 15 Feb 2016 14:18:52 -0700
From: John Denker <jsd at av8n.com>
To: Patrick Schleizer <adrelanos at riseup.net>
On 02/15/2016 01:42 PM, Patrick Schleizer wrote:
> Could you please elaborate, what they require
> entropy for and what are the risks of these currently not getting high
> quality entropy?
I measured how many bytes were taken from the RNG during various
phases (boot and thereafter) ... but I didn't delve into details
of what it was being used for.
One can conjecture that quite a bit of randomess is used
for ASLR. The consequence of using a lame RNG for this is
that whatever protection we would have gotten from ALSR
will be absent.
Note that I prefer to call it "randomness" rather than
entropy. I know the existing driver calls it entropy,
but (a) the driver is inconsistent about what it means
by the term, and (b) it is a very specific technical
term that ought not be abused.
In particular, a PRNG can produce an enormous amount of
usable randomness starting from a modest amount of entropy.
More information about the Whonix-devel