Announcement

**uid313** · 26 November 2019, 05:34 AM

Is this EFI RNG a software or hardware implementation?
Is this EFI RNG any more secure than just Linux kernel implementing their own software RNG algorithm in the kernel?

I feel like EFI and x86 is a security nightmare. EFI is big and complex, while x86 is like Swiss cheese with new vulnerabilities being constantly discovered.

**Britoid** · 26 November 2019, 06:17 AM

Originally posted by uid313 View Post

Is this EFI RNG a software or hardware implementation?
Is this EFI RNG any more secure than just Linux kernel implementing their own software RNG algorithm in the kernel?

I feel like EFI and x86 is a security nightmare. EFI is big and complex, while x86 is like Swiss cheese with new vulnerabilities being constantly discovered.

¯\_(ツ)_/¯

**Chugworth** · 26 November 2019, 07:09 AM

Originally posted by uid313 View Post

Is this EFI RNG a software or hardware implementation?
Is this EFI RNG any more secure than just Linux kernel implementing their own software RNG algorithm in the kernel?

I feel like EFI and x86 is a security nightmare. EFI is big and complex, while x86 is like Swiss cheese with new vulnerabilities being constantly discovered.

Knowing how well the hardware manufacturers treat security, I wouldn't be surprised if the EFI RNG implementation from some of them return all zeros.

**CochainComplex** · 26 November 2019, 08:11 AM

Originally posted by Chugworth View Post

Knowing how well the hardware manufacturers treat security, I wouldn't be surprised if the EFI RNG implementation from some of them return all zeros.

In case of Sony ...very close https://www.engadget.com/2010/12/29/.../?guccounter=1 but maybe returning 4s is more secure then returning 0s

**Weasel** · 26 November 2019, 10:27 AM

Originally posted by CochainComplex View Post

In case of Sony ...very close https://www.engadget.com/2010/12/29/.../?guccounter=1 but maybe returning 4s is more secure then returning 0s

It's an extra entropy, it gets XORed into the already existing entropy. You can't make it worse off by mixing unrelated sources, even if one source is 100% predictable, it just won't do anything.

**stormcrow** · 26 November 2019, 01:49 PM

Originally posted by CochainComplex View Post

In case of Sony ...very close https://www.engadget.com/2010/12/29/.../?guccounter=1 but maybe returning 4s is more secure then returning 0s

As long as the mix ingredients don't reduce entropy (which I don't think is actually possible), anyone relying on /dev/urandom at startup would be no worse off after than they were before hooking EFI RNG. The problem is when you start relying on single source HRNG instead of a properly mixed sources. Then you're at mercy of a single source getting it right 100% of the time - which doesn't happen in the real world. If you're after early boot process entropy for cryptographically secure hashes or key generation, you still need to do your diligence to find out if the device you're booting is even possible to generate proper keys or if you would have to wait till later or supply some form of alternative means.

**CommunityMember** · 26 November 2019, 02:06 PM

Originally posted by uid313 View Post

Is this EFI RNG a software or hardware implementation?

As is typical, "it depends". Various manufacturers may implement it differently on their platform. For that matter, EFI may not provide the functionality at all (one needs to test if it is available, and if so, what algorithms are supported). Having another source of potential entropy is typically considered goodness, or at worst neutral.

**uid313** · 26 November 2019, 02:34 PM

Originally posted by stormcrow View Post

As long as the mix ingredients don't reduce entropy (which I don't think is actually possible), anyone relying on /dev/urandom at startup would be no worse off after than they were before hooking EFI RNG. The problem is when you start relying on single source HRNG instead of a properly mixed sources. Then you're at mercy of a single source getting it right 100% of the time - which doesn't happen in the real world. If you're after early boot process entropy for cryptographically secure hashes or key generation, you still need to do your diligence to find out if the device you're booting is even possible to generate proper keys or if you would have to wait till later or supply some form of alternative means.

I don't know, maybe entropy gets reduced if its bad entropy.

I don't know what has more entropy;
[0, 0, 0, 0, 0 , 0, 1, 2, 3]
or
[1, 2, 3, 1, 2, 3, 1, 2, 3]

**ferry** · 26 November 2019, 02:59 PM

I think it is a mistake to think that x86 will always have EFI. For instance on Intel Edison there is U-Boot.

At the same time Edison was hurt a lot since Linux 4.20 as there are no other sources of entropy like mouse/keyboard/graphics/sound. It took minutes before it was possible to login in with ssh. For Edison we solved this by installing GNU rng-tools ("Daemon to use a Hardware TRNG. The rngd daemon acts as a bridge between a Hardware TRNG (true random number generator) such as the ones in some Intel/AMD/VIA chipsets, and the kernel's PRNG"). With this entropy is gathered almost instantly.

Announcement

Linux 5.5 To Finally Wire Up EFI RNG Code For x86 As Another Source Of Entropy

Linux 5.5 To Finally Wire Up EFI RNG Code For x86 As Another Source Of Entropy

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment