Skip to content

Commit

Permalink
crypto: jitter - update implementation to 2.1.2
Browse files Browse the repository at this point in the history 
The Jitter RNG implementation is updated to comply with upstream version
2.1.2. The change covers the following aspects:

* Time variation measurement is conducted over the LFSR operation
instead of the XOR folding

* Invcation of stuck test during initialization

* Removal of the stirring functionality and the Von-Neumann
unbiaser as the LFSR using a primitive and irreducible polynomial
generates an identical distribution of random bits

This implementation was successfully used in FIPS 140-2 validations
as well as in German BSI evaluations.

This kernel implementation was tested as follows:

* The unchanged kernel code file jitterentropy.c is compiled as part
of user space application to generate raw unconditioned noise
data. That data is processed with the NIST SP800-90B non-IID test
tool to verify that the kernel code exhibits an equal amount of noise
as the upstream Jitter RNG version 2.1.2.

* Using AF_ALG with the libkcapi tool of kcapi-rng the Jitter RNG was
output tested with dieharder to verify that the output does not
exhibit statistical weaknesses. The following command was used:
kcapi-rng -n "jitterentropy_rng" -b 100000000000 | dieharder -a -g 200

* The unchanged kernel code file jitterentropy.c is compiled as part
of user space application to test the LFSR implementation. The
LFSR is injected a monotonically increasing counter as input and
the output is fed into dieharder to verify that the LFSR operation
does not exhibit statistical weaknesses.

* The patch was tested on the Muen separation kernel which returns
a more coarse time stamp to verify that the Jitter RNG does not cause
regressions with its initialization test considering that the Jitter
RNG depends on a high-resolution timer.

Tested-by: Reto Buerki <[email protected]>
Signed-off-by: Stephan Mueller <[email protected]>
Signed-off-by: Herbert Xu <[email protected]>
  • Loading branch information
@smuellerDD @herbertx
smuellerDD authored and herbertx committed Jun 6, 2019
1 parent d8ea98a commit d9d67c8
Show file tree
Hide file tree
Showing 2 changed files with 82 additions and 228 deletions.
5 changes: 0 additions & 5 deletions crypto/jitterentropy-kcapi.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,11 +56,6 @@ void jent_entropy_collector_free(struct rand_data *entropy_collector);
* Helper function
***************************************************************************/

__u64 jent_rol64(__u64 word, unsigned int shift)
{
return rol64(word, shift);
}

void *jent_zalloc(unsigned int len)
{
return kzalloc(len, GFP_KERNEL);
Expand Down
Loading

0 comments on commit d9d67c8

Please sign in to comment.