[OpenWrt-Devel] [PATCH 0/4] add μrngd: true RNG based on timing jitter
luci at powerneth.ro
Sun Jun 2 09:50:37 EDT 2019
On 28.05.2019 12:37, Petr Štetiar wrote:
> Rosen Penev <rosenp at gmail.com> [2019-05-27 19:19:53]:
>> Tested this on both mt7621 and Turris Omnia. Works pretty well. Init
>> gets done fast.
> thanks a lot for testing, can you please reply with your Tested-by next time
> so the patchwork could add this tag automatically to this patch?
>> The Turris people might want something like this or they need to fix haveged
>> to run earlier.
> I've been recommended haveged many times (by someone from nic.cz as well), so
> my initial idea was to simply give it a go and create uhaveged, but I quickly
> came to the conclusion, that it won't work for OpenWrt for many reasons, which
> I've already forget, but I think it wasn't truly multiplatform solution due to
> some compiler/assembly magic.
> Then I've simply found out, that haveged is no longer considered good
> enough by the security community:
> Also the use of `haveged` is recommended, which is a bad idea as this daemon
> can create blocking situations during key generation effectively creating a
> deadlock and thus security problems. haveged's design is from 2002, it has
> never been audited, there're only papers by the original authors available.
> Even Andre Seznec, one of the main HAVEGE authors stated following:
> He also pointed out a security warning: with some VMs, the hardware cycles
> counter is emulated and deterministic, and thus predictible. He therefore
> does not recommend using HAVEGE on those systems.
> so I started looking at other options and luckily enough, I've found out about
> this KISS jitter RNG.
> 1. https://lists.cert.at/pipermail/ach/2017-May/002251.html
> 2. https://github.com/BetterCrypto/Applied-Crypto-Hardening/commit/cf7cef7a870c1b77089b1bd6209ded6525b5a4e0#commitcomment-23006392
> 3. https://tls.mbed.org/tech-updates/security-advisories/polarssl-security-advisory-2011-02
> -- ynezz
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
works good on Atom 330
dmesg | grep random
[ 29.043097] random: fast init done
[ 76.467115] random: crng init done
[ 0.000000] random: get_random_bytes called from
start_kernel+0x6d/0x3df with crng_init=0
[ 5.899674] random: jshn: uninitialized urandom read (4 bytes read)
[ 5.933012] random: jshn: uninitialized urandom read (4 bytes read)
[ 5.957578] random: jshn: uninitialized urandom read (4 bytes read)
[ 6.969902] urandom_read: 4 callbacks suppressed
[ 6.969907] random: jshn: uninitialized urandom read (4 bytes read)
[ 10.043998] random: jshn: uninitialized urandom read (4 bytes read)
[ 10.550301] random: mkfs.f2fs: uninitialized urandom read (16 bytes read)
[ 11.420925] urandom-seed: Seed file not found (/etc/urandom.seed)
[ 13.321222] random: crng init done
Tested-by Lucian Cristian <lucian.cristian at gmail.com>
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
More information about the openwrt-devel