From: Herbert Xu <herbert@gondor.apana.org.au>
To: Andrey Smirnov <andrew.smirnov@gmail.com>
Cc: "Lucas Stach" <l.stach@pengutronix.de>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>, "Chris Healy" <cphealy@gmail.com>,
"Horia Geantă" <horia.geanta@nxp.com>,
"Iuliana Prodan" <iuliana.prodan@nxp.com>,
linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 0/3] enable CAAM's HWRNG as default
Date: Fri, 8 Nov 2019 23:19:48 +0800
Message-ID: <20191108151948.ojn6ga3preh66utl@gondor.apana.org.au>
In-Reply-To: <CAHQ1cqF3BgberQMMY3sKH5iabG3oN6-H=o-y00Q710zrB7KNgw@mail.gmail.com>

On Tue, Oct 29, 2019 at 12:58:24PM -0700, Andrey Smirnov wrote:
>
> > I'm not sure if we can ever use the job based RNG interface to hook it
> > up to the Linux HWRNG interface. After all the job based RNG interface
> > is always a DRNG, which only gets seeded by the TRNG. The reseed
> > interval is given in number of clock cycles, so there is no clear
> > correlation between really true random input bits and the number of
> > DRNG output bits.
>
> Doesn't enabling prediction resistance give us that correlation? E.g.
> that every time new random data is generated, DRNG is reseeded? I am
> assuming even if this is true we'd have to significantly limit
> generated data length (< seed length?), so maybe what you propose
> below is still simpler.

Prediction resistance should be sufficient in general. However,
is the prediction resistance reseeding done in real time?

> > I've hacked up some proof of concept code which uses the TRNG access in
> > the control interface to get the raw TRNG random bits. This seems to
> > yield about 6400 bit/s of true entropy. It may be better to use this
> > interface to hook up to the Linux HWRNG framework.
>
> OK, I'll take a look into that and send out a v2 with results.

I've backed out the patch-set for now but if we can clarify the
prediction resistance implementation details then I'm happy to
put it back in.

Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
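
The entropy accounting argued over in this message, worked through as an added example (not code from the thread or from the CAAM driver): it bounds the hwrng quality value, which is expressed as bits of entropy per 1024 output bits, for a DRNG reseeded on a clock-cycle interval versus one reseeded before every request. The function names are hypothetical, and the seed size, clock rate and read rates are constructed figures, not CAAM data.

```c
#include <stdint.h>
#include <stdio.h>

/* hwrng "quality" scale: estimated bits of entropy per 1024 output bits. */
#define QUALITY_MAX 1024u

/*
 * Upper bound on quality for a DRNG that emits out_bits between two reseeds,
 * where one reseed injects at most seed_bits of true entropy. Output cannot
 * carry more entropy than the seed, so the bound is seed_bits / out_bits.
 * A result of 0 means less than one bit of entropy per 1024 output bits.
 */
unsigned int quality_bound(uint64_t seed_bits, uint64_t out_bits)
{
    if (out_bits == 0)
        return 0;                       /* nothing emitted, nothing to rate */
    if (out_bits <= seed_bits)
        return QUALITY_MAX;             /* output no longer than the seed */
    return (unsigned int)(seed_bits * QUALITY_MAX / out_bits);
}

/*
 * Reseed driven by a clock-cycle interval: the output drawn between two
 * reseeds is set by how fast the consumer reads, not by the hardware.
 */
uint64_t bits_per_timed_reseed(uint64_t interval_cycles, uint64_t clk_hz,
                               uint64_t demand_bits_per_s)
{
    return demand_bits_per_s * interval_cycles / clk_hz;
}

int main(void)
{
    /* Constructed figures, not CAAM data: 256-bit seed, 100 MHz clock,
     * reseed every 100,000,000 cycles (one second). */
    const uint64_t seed = 256, clk = 100000000, interval = 100000000;
    const uint64_t demand[] = { 256, 8192, 1048576 };   /* bit/s read */
    const uint64_t request[] = { 256, 512, 4096 };      /* bits per call */

    for (int i = 0; i < 3; i++)
        printf("timed reseed, %7llu bit/s -> quality <= %u\n",
               (unsigned long long)demand[i],
               quality_bound(seed, bits_per_timed_reseed(interval, clk, demand[i])));
    /* Prediction resistance: reseed before every request. */
    for (int i = 0; i < 3; i++)
        printf("per-request reseed, %4llu-bit request -> quality <= %u\n",
               (unsigned long long)request[i], quality_bound(seed, request[i]));
    return 0;
}
```

With a timed reseed the bound moves with the reader's demand, so no single quality value describes the device; with a reseed per request it depends only on the request length and stays at the maximum while the request is no longer than the seed.
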

Thread overview: 10+ messages
2019-10-29 16:29 [PATCH 0/3] enable CAAM's HWRNG as default Andrey Smirnov
2019-10-29 16:29 ` [PATCH 1/3] crypto: caam - RNG4 TRNG errata Andrey Smirnov
2019-10-29 16:29 ` [PATCH 2/3] crypto: caam - enable prediction resistance in HRWNG Andrey Smirnov
2019-10-29 16:29 ` [PATCH 3/3] crypto: caam - set hwrng quality level Andrey Smirnov
2019-10-29 16:43 ` [PATCH 0/3] enable CAAM's HWRNG as default Lucas Stach
2019-10-29 19:58 ` Andrey Smirnov
2019-11-08 15:19 ` Herbert Xu [this message]
2019-11-12 15:13 ` Andrey Smirnov
2019-11-12 23:17 ` Herbert Xu
2019-11-08 15:14 ` Herbert Xu