On 04.06.20 15:20, Michael Walle wrote:
Am 2020-06-04 14:58, schrieb Heinrich Schuchardt:
On 04.06.20 14:52, Michael Walle wrote:
Am 2020-06-04 14:26, schrieb Heinrich Schuchardt:
On 04.06.20 10:05, Horia Geantă wrote:
On 6/4/2020 5:31 AM, Heinrich Schuchardt wrote:
From what I see, driver added by Michael is using the PRNG / DRBG and not the TRNG. Is this acceptable?
If it is only PRNG, this is not what we look for. If a PRNG/DRBG is used to ameliorate the raw entropy stream like Linux does for the /dev/random device this is fine. We need something non-deterministic.
What do you mean by "only PRNG"?
-a PRNG / DRBG (SP800-90A compliant DRBG_Hash) - which is seeded from the TRNG
So while it is a PRNG, it is non-deterministic because its seeded from the TRNG.
If for every byte that your DM_RNG driver outputs at least one byte from the TRNG is consumed, it is fine. Otherwise it is not what we are looking for.
And why is that? This should really be documented somewhere.
We want to provide raw entropy in the EFI_RNG_PROTOCOL. So this cannot be a deterministic sequence of bytes where you only have to know the current state of a PRNG to find the next byte.
As mentioned above you have a TRNG available. What is problematic about providing its output?
Best regards
Heinrich