• argv_minus_one@beehaw.org
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    1
    ·
    1 year ago

    “Maybe use it for the boot-time ‘gather entropy from different sources,’ but clearly it should not be used at runtime.”

    Good idea. Ask it during boot/insmod for some hardware-random bits to seed Linux’s usual software-only CSPRNG, then just use that.

    And even that might not be a great idea. I wouldn’t be surprised if the fTPM RNG is subtly not-entirely-random, at some alphabet agency’s behest. I remember there being a controversy over rdrand for this reason…

    • pingveno@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      The fix with any possible issues with rdrand is the same here. When entropy is gathered from many sources including hardware instructions, any nefarious plant in the chip is drowned out in a sea of noise.

    • MystikIncarnate@lemmy.ca
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Well, it’s an fTPM, aka software, and AFAIK, no software can truly have a random RNG.

      So it might be very good pseudo random at best.