free
/
freedombone
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Pārlūkot izejas kodu

Quote

Bob Mottram 11 gadus atpakaļ
vecāks
916487ec54
revīzija
64c38873dd
1 mainītis faili ar 6 papildinājumiem un 0 dzēšanām
Apvienotais skats Rādīt salīdzināšanas statistiku
  1. 6
    0
      beaglebone.txt

+ 6
- 0
beaglebone.txt Parādīt failu

261
261
262 
 ** Random number generation
 262 
 ** Random number generation
263
263
264 
+#+BEGIN_VERSE
265 
+/Near as I can tell, the answer on what has been requested is everything: deliberate weakenings of encryption algorithms, deliberate weakenings of random number generations, copies of master keys, encryption of the session key with an NSA-specific key … everything./
266 
+
267 
+-- Bruce Schneier, on the 2013 leaked NSA documents
268 
+#+END_VERSE
269 
+
264 
 The security of encryption depends upon how random the pseudo-random number generation on your system is.  If it isn't very random then it may be far more vulnerable to cryptanalysis, and it's known that in the past some dubious agencies have encouraged the use of flawed random number generators to assist with their prurient activities.  Randomness - typically referred to as /entropy/ - is often gathered from factors such as the timing of key presses or mouse movements, but since the BBB won't have such devices plugged into it this reduces the amount of entropy available.
 270 
 The security of encryption depends upon how random the pseudo-random number generation on your system is.  If it isn't very random then it may be far more vulnerable to cryptanalysis, and it's known that in the past some dubious agencies have encouraged the use of flawed random number generators to assist with their prurient activities.  Randomness - typically referred to as /entropy/ - is often gathered from factors such as the timing of key presses or mouse movements, but since the BBB won't have such devices plugged into it this reduces the amount of entropy available.
265
271
266 
 To improve entropy generation there are two options.  One is to install a kernel module which enables the hardware crypto available on the BBB, but that's a bit complicated and might have some stability implications.  The other option is to install [[http://www.issihosts.com/haveged/][havegd]].  While not as good as a true hardware random number generator, havegd is better than the default pseudo-random number generation within the Linux kernel.  To install it:
 272 
 To improve entropy generation there are two options.  One is to install a kernel module which enables the hardware crypto available on the BBB, but that's a bit complicated and might have some stability implications.  The other option is to install [[http://www.issihosts.com/haveged/][havegd]].  While not as good as a true hardware random number generator, havegd is better than the default pseudo-random number generation within the Linux kernel.  To install it: