Secure development: New and improved Linux random number generator, ready to be tested


Proposed replacement for /dev/random promises to double performance and add flexibility

A modern alternative to the basic encryption technology that comes with Linux distributions is ready for testing after five years of development.

The Linux Random Number Generator (LRNG), which relies on several computer functions to act as a source of entropy, is designed to replace the long-established /dev/random function.

The technology is designed to provide both API (Application Programming Interface) and ABI (Application Binary Interface) compatibility with its /dev/random predecessor, while offering several advantages in terms of performance and utility.

LRNG offers a better than doubling (130%) of performance over the /dev/random function.

Only cryptographic primitives are used for data processing within LRNG, which has a more modern and configurable design. The technology is built around an architecture that supports testing of multiple facets of its operation by security researchers and others.

Foundations showing their age

The /dev/random function is the “very foundation” of cryptography on Linux, developer Stephan Müller told The daily sip. “If /dev/random is broken, all the cryptography on Linux is broken,” said Müller.

According to Müller, it is no longer viable to keep the existing approach.

“Due to the new requirements that suppliers want to adhere to, each supplier ‘concocts’ their own fixes to bypass or improve the /dev/random. In my opinion, this is a very difficult situation.”

Müller’s response to this has been to chart the development of the next-generation technology, which he recognizes will require extensive testing: “Careful testing and evaluation of new implementations is still required.”

“The current maintainer of the existing /dev/random has been silent since I started working. Other Linux developers, including core developers, have commented and those comments have been incorporated.

“Having said that, it’s totally unclear if or when the code will go into the mainline. By now posting LRNG news on other channels like the Crypto Mailing List, I hope to get the maintainer to respond.”

Linux RNG: Entropy Sources

According to Müller, LRNG incorporates four entropy sources that operate completely independently of each other, including execution timing jitter and interrupt arrival timing.

“Each source of entropy works with its own rate of entropy and its own measure,” Müller explained.

Müller added: “The LRNG only uses cryptographic operations for data processing: either a DRNG [digital random number generator] or hash for data compression. LRNG allows updating of cryptographic algorithms.

“The available cryptographic algorithms are all contemporary: SHA256 or SHA512 for conditioning, ChaCha20-DRNG or SP800-90A DRBG. Yet LRNG offers a well-defined API for defining other cryptographic implementations.”
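A toy model of the pipeline described above, added here as an illustration and not taken from the LRNG sources: samples from independent sources are credited at per-source rates, conditioned with SHA-256, and used to seed an HMAC_DRBG-style generator (standing in for the SP800-90A DRBG option) only once 256 bits have been credited. The class names, `SEED_BITS`, `seeded_drbg` and the source labels are assumptions made for the example.

```python
import hashlib, hmac

SEED_BITS = 256  # entropy that must be credited before the DRNG is seeded

class EntropyPool:
    """Hash-conditions samples; each source is credited at its own rate."""
    def __init__(self):
        self._hash, self.credited_bits = hashlib.sha256(), 0.0

    def add(self, source: str, sample: bytes, credited_bits: float) -> None:
        for part in (source.encode(), sample):  # length-prefix each field
            self._hash.update(len(part).to_bytes(2, "big") + part)
        self.credited_bits += credited_bits

    def extract_seed(self) -> bytes:
        if self.credited_bits < SEED_BITS:
            raise RuntimeError("not enough credited entropy to seed the DRNG")
        seed = self._hash.digest()
        self._hash, self.credited_bits = hashlib.sha256(), 0.0
        return seed

class HmacDrbg:
    """HMAC_DRBG (SHA-256) update/generate steps; no reseed counter."""
    def __init__(self, seed: bytes):
        self._k, self._v = b"\x00" * 32, b"\x01" * 32
        self.update(seed)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self._k, data, hashlib.sha256).digest()

    def update(self, data: bytes = b"") -> None:
        self._k = self._mac(self._v + b"\x00" + data)
        self._v = self._mac(self._v)
        if data:  # second round only when fresh seed material is supplied
            self._k = self._mac(self._v + b"\x01" + data)
            self._v = self._mac(self._v)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self._v = self._mac(self._v)
            out += self._v
        self.update()  # advance state so earlier output cannot be recomputed
        return out[:n]

def seeded_drbg(samples) -> HmacDrbg:  # samples: (source, bytes, credited_bits)
    pool = EntropyPool()
    for source, sample, bits in samples:
        pool.add(source, sample, bits)
    return HmacDrbg(pool.extract_seed())
```

The generator is fully deterministic once seeded, so everything unpredictable about its output comes from the credited samples; over-crediting a weak source is the failure this accounting is meant to prevent.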

A talk on LRNG was presented by Müller at the Linux Security Summit 2021 last month. The presentation is available on YouTube.

Contemporary dance

The new technology will better support vendors in the open source development world and beyond.

“Lately, vendors using Linux are having big challenges using the existing /dev/random implementation because it does not meet contemporary requirements,” said Müller. “The LRNG will meet all of these requirements, including giving suppliers the flexibility to meet their particular scenarios.”

Müller went on to explain the origins of his work in developing the Linux random number generator.

“The idea for the LRNG design arose during a study I wrote for the German BSI analyzing the behavior of entropy and how entropy collection works in virtual environments,” he said.

“In addition, another study [PDF] I wrote for BSI pushed me even further to develop LRNG and put it into production.”


The Linux Random Number Generator is actually a pseudo-random number generator derived from computer functions. The outputs of the generator are used to seed cryptographic algorithms and functions.

Windows already takes a similar approach to seeding and entropy sources.

“MS entropy is derived from interrupt synchronization, the random TPM string provided at startup, and the Intel randomness function, so it looks very much like the LRNG is following a similar path,” Professor Alan Woodward, a computer scientist at the University of Surrey, told The daily sip.

The problems with PRNGs are sort of an Achilles heel in the design of cryptographic systems.

Professor Woodward explained: “There is a lot of debate about what is really random and its importance, but the problem really arises when the ‘random’ number is either predictable and/or reproducible.”

ATMs, for example, use the timestamp as the source of randomness – an input best described as unique rather than random.

All of this has spurred the development of hardware sources of randomness or (better yet) sources that derive their randomness from measurements of operations governed by quantum physics, such as the Oxford University spin-out Quantum Dice.

“One of the reasons the hardware RNG didn’t really take hold is that people assumed that what was there was good enough,” concluded Professor Woodward.
