FreeBSDlogo

FreeBSD reviews its usage of Intel and VIA designed encryption devices

FreeBSD developers have announced that they will no longer be using Intel’s RDRAND and VIA’s Padlock as standalone devices for encryption. Instead, data generated by these hardware-based RNGs (Random Number Generators) will be further processed to enhance security of the information. This system will be implemented from version 10 of FreeBSD onwards.

FreeBSD uses a pluggable random generator framework for encryption. Until now, RNGs RDRAND and Padlock were used to generate random output which was then used for encryption. In a measure to enhance this security further, the developers will use Yarrow to add further entropy to the random output from RDRAND and Padlock. Yarrow is an unpatented licence free algorithm which is used for encryption. It is used by Apple in iOS and Mac OS X. Instead of RDRAND or Padlock feeding /dev/random, the output from these chips will first be fed into Yarrow. Yarrow will further process this information to cover up any backdoors that may be present in the input data.

The announcement comes in the wake of various news sources which have indicated that NSA has been snooping around collecting information on the Internet traffic. Documents released by Edwen Snowden indicate that NSA has been working with organizations to introduce backdoors and cryptographic weaknesses in their software to allow them an access to information. FreeBSD developers say that they no longer trust the output generated by these two RNGs. Access to hardware-based  RNGs will still be possible directly by inline assembly or by using OpenSSL from userland.

Linux, too, uses RDRAND for encryption. However, Linus Torvalds, father of the Linux kernel, had already explained that Linux adds randomness to the output from RDRAND and makes the information secure.

Source: Ars Technica

About Varghese Chacko

An IT guy, I have been working as a QA professional for around 6.5 years. I keenly follow technology with a special focus on open source. After much distro-hopping, I settled down on using openSUSE as my distribution of choice. A fan of Arsenal ever since I started following football, I keenly follow sports and am good for a game always.

45 thoughts on “FreeBSD reviews its usage of Intel and VIA designed encryption devices

  1. Pingback: Hay Day Cheats
  2. Pingback: Trackback
  3. Pingback: Trackback
  4. Pingback: Trackback
  5. Pingback: Trackback
  6. Pingback: Trackback
  7. Pingback: Trackback
  8. Pingback: Trackback
  9. Pingback: Info
  10. Pingback: Ideas
  11. Pingback: Technology
  12. Pingback: Marketing
  13. Pingback: Tech
  14. Pingback: Health
  15. Pingback: Finance
  16. Pingback: Liberty
  17. Pingback: Trading
  18. Pingback: Business
  19. Pingback: Camp
  20. Pingback: Technology
  21. Pingback: School
  22. Pingback: Clothing
  23. Pingback: Financial
  24. Pingback: Amddram
  25. Pingback: Wp Weekend Phoenix
  26. Pingback: Business
  27. Pingback: use
  28. Pingback: business marketing
  29. Pingback: Gucci Handbags
  30. Pingback: invoice finance
  31. Pingback: armored vehicles
  32. Pingback: IAM
  33. Pingback: travel style tours
  34. Pingback: silk
  35. Pingback: Marchiani prefet
  36. Pingback: Hochard alpinisme
  37. Pingback: lawyer blog

Leave a Reply