|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2013-12-10 22:36:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
"We cannot trust" Intel and Via’s chip-based crypto, FreeBSD developers say (ars technica)
Ars Technica reports
that effective in FreeBSD 10 (currently RC1
is available), processors from Intel and Via Technologies will no
longer be trusted as the sole source of random numbers. "Specifically, "RDRAND" and "Padlock"—RNGs [Random Number Generators] provided by Intel and Via respectively—will no longer be the sources FreeBSD uses to directly feed random numbers into the /dev/random engine used to generate random data in Unix-based operating systems. Instead, it will be possible to use the pseudo random output of RDRAND and Padlock to seed /dev/random only after it has passed through a separate RNG algorithm known as "Yarrow." Yarrow, in turn, will add further entropy to the data to ensure intentional backdoors, or unpatched weaknesses, in the hardware generators can't be used by adversaries to predict their output."
Ars Technica reports
that effective in FreeBSD 10 (currently RC1
is available), processors from Intel and Via Technologies will no
longer be trusted as the sole source of random numbers. "Specifically, "RDRAND" and "Padlock"—RNGs [Random Number Generators] provided by Intel and Via respectively—will no longer be the sources FreeBSD uses to directly feed random numbers into the /dev/random engine used to generate random data in Unix-based operating systems. Instead, it will be possible to use the pseudo random output of RDRAND and Padlock to seed /dev/random only after it has passed through a separate RNG algorithm known as "Yarrow." Yarrow, in turn, will add further entropy to the data to ensure intentional backdoors, or unpatched weaknesses, in the hardware generators can't be used by adversaries to predict their output."
