Integrated crypto

Robert Connolly robert at linuxfromscratch.org
Thu Apr 8 03:59:46 PDT 2004


The frandom author has helped me out. He created erandom (economical random). 
This version is unreleased:
http://linuxfromscratch.org/~robert/new/frandom-0.7.tar.gz
mknod /dev/erandom c 235 12

It will use /dev/random when the module is loaded to seed frandom. Erandom 
will use the state of frandom as a seed. No entropy, and it's private. The 
author says there should be no way to predict it (without being root). This 
patch will use erandom first; if /dev/erandom doesn't exist it will fall back 
to /dev/urandom, and then to the canary (confirmed with strace).
http://linuxfromscratch.org/~robert/new/glibc-2.3.3-ssp-2.patch

Now I'll start looking at making a sysctl interface for it.
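
The lookup order described in this message, as an added example that is not code from the post or from the glibc patch: try each device node in turn, accept only a full read, and otherwise end on a fixed guard value. The function name `guard_setup` and the fixed value `FALLBACK_GUARD` are assumptions made for illustration; the message only says "the canary".

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumed fixed value of last resort (bytes chosen for illustration only). */
static const unsigned char FALLBACK_GUARD[sizeof(unsigned long)] = {0, 0, '\n', 0xff};

/* Fill *guard from the first source that yields a full read.
 * Returns the index of the source used, or -1 if the fixed value was used. */
int guard_setup(const char *const *sources, int nsources, unsigned long *guard)
{
    for (int i = 0; i < nsources; i++) {
        int fd = open(sources[i], O_RDONLY);
        if (fd < 0)
            continue;                   /* node missing or unreadable: try next */
        unsigned char buf[sizeof(*guard)];
        size_t got = 0;
        while (got < sizeof(buf)) {
            ssize_t n = read(fd, buf + got, sizeof(buf) - got);
            if (n < 0 && errno == EINTR)
                continue;               /* interrupted: retry the read */
            if (n <= 0)
                break;                  /* EOF or error: source has failed */
            got += (size_t)n;
        }
        close(fd);
        if (got == sizeof(buf)) {       /* never accept a partly filled guard */
            memcpy(guard, buf, sizeof(buf));
            return i;
        }
    }
    memcpy(guard, FALLBACK_GUARD, sizeof(*guard));
    return -1;
}

int main(void)
{
    /* Order from the message: erandom first, then urandom. */
    const char *const chain[] = {"/dev/erandom", "/dev/urandom"};
    unsigned long guard;
    int used = guard_setup(chain, 2, &guard);
    printf("guard source: %s\n", used < 0 ? "fixed fallback" : chain[used]);
    return 0;
}
```

Running the program under strace shows the same sequence of open attempts, which is one way to check which source a given system ends up using.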



