MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
random
Search

Security proof for Linux's random number generator

Tuesday September 17, 2024. 02:35 PM , from LWN.net
Four researchers have published a formal proof that Linux's new deterministic random bit generator (DRBG) is secure in a particular sense — specifically, that the number of queries that would need to be made to it to uncover its internal state depends on the quality of the entropy it can collect from different sources. As long as it can gather enough entropy, it produces secure random numbers.

Since the significant structural changes in Linux 4 and Linux 5.17, there has
been no research on the provable security of Linux-DRBG. For the first time (to
the best of our knowledge), we formally model the Linux-DRBG in Linux 6.4.8
and prove its security in the seedless robustness model

Thanks to Jason Donenfeld for bringing the paper to our attention.
Read more at LWN.net
https://lwn.net/Articles/990596/

Related News

random How I Booted Linux On an Intel 4004 from 1971 SlashdotSep 29
security Microsoft updates Recall feature to address privacy concerns but Linux remains a safer choice for some BetaNewsSep 27
number Microsoft 365 Copilot rollouts slowed by data security, ROI concerns ComputerWorldSep 27
linux Security updates for Friday LWN.netSep 27
generator Tor Project and Tails Linux distribution merge to enhance online privacy tools BetaNewsSep 27
proof HPE patches three critical security holes in Aruba PAPI TheRegisterSep 26
linux's That doomsday critical Linux bug: It's CUPS. Could lead to remote hijacking of devices TheRegisterSep 26
our That doomsday critical Linux bug: It's CUPS. May lead to remote hijacking of devices TheRegisterSep 26
its Security updates for Thursday LWN.netSep 26
linux-drbg The importance of nudge theory in email security BetaNewsSep 26
secure Eliminating Memory Safety Vulnerabilities at the Source (Google Security Blog) LWN.netSep 26
entropy Critical Unauthenticated RCE Flaw Impacts All GNU/Linux Systems SlashdotSep 26
model RTOS vs Linux: The IoT battle extends from software to hardware BetaNewsSep 25
random Security updates for Wednesday LWN.netSep 25
security Election board: sheriff who threatened Kamala Harris supporters won't provide election security BoingBoingSep 24
number Security updates for Tuesday LWN.netSep 24
linux Java 23 highlights crypto performance and security InfoWorldSep 24
generator Some US Kaspersky customers find their security software replaced by 'UltraAV' TheRegisterSep 24
proof US proposes ban on Chinese, Russian connected car tech over security fears TheRegisterSep 23
linux's Security updates for Monday LWN.netSep 23
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Tue 5 - 09:23 CET