Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte

From:	Daniel P. Berrange
Subject:	Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte source
Date:	Thu, 21 Jan 2016 08:59:28 +0000
User-agent:	Mutt/1.5.24 (2015-08-30)

On Thu, Jan 21, 2016 at 02:12:06PM +0800, Fam Zheng wrote:
> On Wed, 01/20 17:38, Daniel P. Berrange wrote:
> > +int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
> > +                         size_t buflen G_GNUC_UNUSED,
> > +                         Error **errp)
> > +{
> > +    error_setg(errp, "No random byte source provided in this build");
> > +    return -1;
> 
> Curious, why does a random(3) or /dev/random implementation fall short to
> error?

random(3) does not provide crytographically strong random numbers.

/dev/random would be suitable, but if we read that directly we would
deplete entropy very quickly.

The gnutls backends will use /dev/random in combination with a
cryptographically secure generator to provide high entropy
numbers, at a high data rate.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-block] [PATCH v2 00/17] Support LUKS encryption in block devices, Daniel P. Berrange, 2016/01/20
- [Qemu-block] [PATCH v2 01/17] crypto: ensure qcrypto_hash_digest_len is always defined, Daniel P. Berrange, 2016/01/20
  - Re: [Qemu-block] [PATCH v2 01/17] crypto: ensure qcrypto_hash_digest_len is always defined, Fam Zheng, 2016/01/21
- [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte source, Daniel P. Berrange, 2016/01/20
  - Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte source, Fam Zheng, 2016/01/21
    - Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte source, Daniel P. Berrange <=
- [Qemu-block] [PATCH v2 03/17] crypto: add support for PBKDF2 algorithm, Daniel P. Berrange, 2016/01/20
  - Re: [Qemu-block] [PATCH v2 03/17] crypto: add support for PBKDF2 algorithm, Fam Zheng, 2016/01/21
    - Re: [Qemu-block] [PATCH v2 03/17] crypto: add support for PBKDF2 algorithm, Daniel P. Berrange, 2016/01/21
- [Qemu-block] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm, Daniel P. Berrange, 2016/01/20
  - Re: [Qemu-block] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm, Fam Zheng, 2016/01/21
    - Re: [Qemu-block] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm, Daniel P. Berrange, 2016/01/21
- [Qemu-block] [PATCH v2 04/17] crypto: add support for generating initialization vectors, Daniel P. Berrange, 2016/01/20
  - Re: [Qemu-block] [PATCH v2 04/17] crypto: add support for generating initialization vectors, Fam Zheng, 2016/01/21
    - Re: [Qemu-block] [PATCH v2 04/17] crypto: add support for generating initialization vectors, Daniel P. Berrange, 2016/01/21
- [Qemu-block] [PATCH v2 08/17] block: add flag to indicate that no I/O will be performed, Daniel P. Berrange, 2016/01/20

Prev by Date: Re: [Qemu-block] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm
Next by Date: Re: [Qemu-block] [PATCH v2 10/17] block: add generic full disk encryption driver
Previous by thread: Re: [Qemu-block] [PATCH v2 02/17] crypto: add cryptographic random byte source
Next by thread: [Qemu-block] [PATCH v2 03/17] crypto: add support for PBKDF2 algorithm
Index(es):
- Date
- Thread