document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-24 02:20:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #198 from willqian/master

Browse Source 
will.qian is translating Linux RNG May Be Insecure After All
This commit is contained in:
Xingyu.Wang 2013-10-15 07:42:47 -07:00
commit d53b2d8300
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sources/Linux RNG May Be Insecure After All.md
View File

@ -1,3 +1,4 @@
will.qian is translating this article.
Linux RNG May Be Insecure After All
================================================================================
> As a followup to Linus's [opinion people skeptical of the Linux random number generator][1], a new paper [analyzes the robustness of /dev/urandom and /dev/random][2] . From the paper: 'From a practical side, we also give a precise assessment of the security of the two Linux PRNGs, /dev/random and /dev/urandom. In particular, we show several attacks proving that these PRNGs are not robust according to our definition, and do not accumulate entropy properly. These attacks are due to the vulnerabilities of the entropy estimator and the internal mixing function of the Linux PRNGs. These attacks against the Linux PRNG show that it does not satisfy the "robustness" notion of security, but it remains unclear if these attacks lead to actual exploitable vulnerabilities in practice.'
@ -14,4 +15,4 @@ via: http://it.slashdot.org/story/13/10/14/2318211/linux-rng-may-be-insecure-aft
[1]:http://linux.slashdot.org/story/13/09/10/1311247/linus-responds-to-rdrand-petition-with-scorn
[2]:http://eprint.iacr.org/2013/338.pdf
[3]:http://slashdot.org/story/13/09/13/1228216/stealthy-dopant-level-hardware-trojans
[3]:http://slashdot.org/story/13/09/13/1228216/stealthy-dopant-level-hardware-trojans