FreeBSD ditches suspect hardware-based crypto
Posted on 10 December 2013.
Buried in the "Security" section of a report on the FreeBSD Developer Summit held in September in Malta is a small but important note about the FreeBSD developers' decision to stop using two hardware random number generators (RNGs).


Despite the report having been published for months now, The Register's Richard Chirgwin first brought the matter to the attention of the wider public this Monday.

The two RNGs in question are Intel's RDRAND and Via's Padlock.

The reason for the decision to stop relying solely on their random output when generating cryptographic keys is the recent revelation that the US NSA influenced the US National Institute of Standards and Technology (NIST) into adopting an encryption standard that the NSA had engineered to include a weakness known only to the agency.

A further factor is the revelation that the NSA has been working to secure the collaboration of tech and telecom companies in order to gain access to encrypted communications or, where that approach failed, to secretly insert backdoors into their products.

"We have a pluggable random generator framework and we have a number of plugins for it, Yarrow is one, and the RDRAND, Padlock are two others, we have one that blocks and one that panics, and a few coding examples and so on," the group noted in the report.

"For [FreeBSD] 10, we are going to backtrack and remove RDRAND and Padlock backends and feed them into Yarrow instead of delivering their output directly to /dev/random. It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more."

They also added that they would like to "collect more entropy early in the boot process," which they will likely achieve by implementing a patch that "feeds the amount of time it takes to attach a device into /dev/random."

Whether the two RNGs can ultimately be trusted or not, the group's decision to pass their output through Yarrow first can only add to the randomness of the pool and increase its entropy: once the hardware generator is mixed with other, independent sources, a weakened or backdoored generator can no longer dictate what /dev/random hands out on its own, so the change can only be positive.
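The difference between the two arrangements the report describes (hardware output delivered straight to /dev/random versus hardware output fed into Yarrow as one source among several) can be made concrete with a small model. The code below is an added example written for this page; it is not FreeBSD's Yarrow implementation or any code from the project. The accumulate-and-reseed generator, the source identifiers, the "suspect" hardware stream and the boot-timing values are all constructed for illustration, with the hardware stream deliberately chosen to be something an adversary could predict.

```python
import hashlib
import hmac

# Constructed sample: a hardware RNG whose "random" stream an adversary can
# predict, the worst case for a backdoored generator. Not real RDRAND/Padlock output.
SUSPECT_HW_STREAM = bytes(range(32))

# Constructed sample: independent entropy, standing in for the device-attach
# timings the report proposes collecting early in the boot process.
BOOT_TIMINGS = (1234567, 2345678, 3456789, 4567890)


class YarrowLikePool:
    """Minimal sketch of an accumulate-and-reseed generator (hypothetical, not FreeBSD's Yarrow).

    Sources are hashed into a pool; reseed() turns the pool into a key; output is
    derived from the key with an HMAC counter, so no single source reaches callers directly.
    """

    def __init__(self):
        self._pool = hashlib.sha256()
        self._key = None
        self._counter = 0

    def add_entropy(self, source_id: int, data: bytes) -> None:
        # Tag and length-prefix each contribution so two sources cannot be
        # confused by plain concatenation.
        self._pool.update(source_id.to_bytes(1, "big") + len(data).to_bytes(4, "big") + data)

    def reseed(self) -> None:
        # Chain the previous key in, so earlier state still matters but fresh
        # entropy moves the generator to a new, unrelated key.
        previous = self._key or b""
        self._key = hashlib.sha256(b"reseed" + previous + self._pool.digest()).digest()
        self._pool = hashlib.sha256(self._key)
        self._counter = 0

    def random_bytes(self, n: int) -> bytes:
        if self._key is None:
            raise RuntimeError("generator has not been seeded")
        out = bytearray()
        while len(out) < n:
            block = hmac.new(self._key, self._counter.to_bytes(8, "big"), hashlib.sha256).digest()
            out += block
            self._counter += 1
        return bytes(out[:n])


def timings_to_bytes(timings) -> bytes:
    """Serialise attach timings into a byte string suitable for the pool."""
    return b"".join(t.to_bytes(8, "big") for t in timings)


def direct_backend(hw_output: bytes) -> bytes:
    """Old arrangement: hardware RNG output handed straight to /dev/random readers."""
    return hw_output


def mixed_backend(hw_output: bytes, boot_timings) -> bytes:
    """Arrangement described for FreeBSD 10: hardware output is only one source."""
    pool = YarrowLikePool()
    pool.add_entropy(1, hw_output)
    pool.add_entropy(2, timings_to_bytes(boot_timings))
    pool.reseed()
    return pool.random_bytes(len(hw_output))


def adversary_guess(hw_output: bytes, guessed_timings) -> bytes:
    """Prediction by an adversary who knows the hardware stream and the
    algorithm but has to guess the other sources."""
    return mixed_backend(hw_output, guessed_timings)


if __name__ == "__main__":
    direct = direct_backend(SUSPECT_HW_STREAM)
    mixed = mixed_backend(SUSPECT_HW_STREAM, BOOT_TIMINGS)
    print("direct backend output equals the known hardware stream:", direct == SUSPECT_HW_STREAM)
    print("mixed backend output equals the adversary's guess:",
          adversary_guess(SUSPECT_HW_STREAM, (0, 0, 0, 0)) == mixed)
```

With the direct backend, anyone who can predict the hardware stream can predict /dev/random exactly. With the mixed backend, the same adversary also has to know every other source that went into the pool; the independent boot timings alone are enough to make the output differ from any guess, which is the property the FreeBSD change relies on. The design choice worth noting is that the pool is a one-way hash and the output is keyed, so a source that turns out to be weak adds nothing harmful, while a source that is genuinely unpredictable is not wasted.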
Copyright 1998-2014 by Help Net Security.