You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Sep 20, 2023. It is now read-only.
I'm currently analyzing the code of the entropy generating function and the use of the backends by the replenish function. As I understand it, if the RDRAND backend generates enough entropy, the other backends are not used, is that correct ?
The reason I ask is because weaknesses are found in the RdRand instruction, and should only be used in combination of other entropy sources, not as the only one. On top of that, /dev/random already uses RdRand when available, so explicitly supporting it in this library might be redunandant (and even a security liability).
The text was updated successfully, but these errors were encountered:
Hello,
I'm currently analyzing the code of the entropy generating function and the use of the backends by the replenish function. As I understand it, if the RDRAND backend generates enough entropy, the other backends are not used, is that correct ?
The reason I ask is because weaknesses are found in the RdRand instruction, and should only be used in combination of other entropy sources, not as the only one. On top of that, /dev/random already uses RdRand when available, so explicitly supporting it in this library might be redunandant (and even a security liability).
The text was updated successfully, but these errors were encountered: