• Stephan Müller's avatar
    crypto: jitter - update implementation to 2.1.2 · d9d67c87
    Stephan Müller authored
    The Jitter RNG implementation is updated to comply with upstream version
    2.1.2. The change covers the following aspects:
    
    * Time variation measurement is conducted over the LFSR operation
    instead of the XOR folding
    
    * Invcation of stuck test during initialization
    
    * Removal of the stirring functionality and the Von-Neumann
    unbiaser as the LFSR using a primitive and irreducible polynomial
    generates an identical distribution of random bits
    
    This implementation was successfully used in FIPS 140-2 validations
    as well as in German BSI evaluations.
    
    This kernel implementation was tested as follows:
    
    * The unchanged kernel code file jitterentropy.c is compiled as part
    of user space application to generate raw unconditioned noise
    data. That data is processed with the NIST SP800-90B non-IID test
    tool to verify that the kernel code exhibits an equal amount of noise
    as the upstream Jitter RNG version 2.1.2.
    
    * Using AF_ALG with the libkcapi tool of kcapi-rng the Jitter RNG was
    output tested with dieharder to verify that the output does not
    exhibit statistical weaknesses. The following command was used:
    kcapi-rng -n "jitterentropy_rng" -b 100000000000 | dieharder -a -g 200
    
    * The unchanged kernel code file jitterentropy.c is compiled as part
    of user space application to test the LFSR implementation. The
    LFSR is injected a monotonically increasing counter as input and
    the output is fed into dieharder to verify that the LFSR operation
    does not exhibit statistical weaknesses.
    
    * The patch was tested on the Muen separation kernel which returns
    a more coarse time stamp to verify that the Jitter RNG does not cause
    regressions with its initialization test considering that the Jitter
    RNG depends on a high-resolution timer.
    Tested-by: default avatarReto Buerki <reet@codelabs.ch>
    Signed-off-by: default avatarStephan Mueller <smueller@chronox.de>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    d9d67c87
jitterentropy.c 19.3 KB