By: Jose (1.delete@this.2.com), August 12, 2019 1:33 am
Room: Moderated Discussions
Linus Torvalds (torvalds.delete@this.linux-foundation.org) on August 11, 2019 1:13 pm wrote:
> @never_released (none.delete@this.none.none) on August 11, 2019 11:10 am wrote:
> >
> > Why does the kernel rely on RDRAND instead of Intel ME/TXE or AMD PSP or maybe even a TPM
> > in those cases? What are the advantages of having RNG instructions right into a processor
> > instead of them being available as a coprocessor or a separate device as they should be?
>
> Performance.
>
> Performance matters. A lot.
>
> TPM is a joke, plus why should you trust TPM in the first place, when we know there are broken implementations?
> Going over a slow bus to get a random number from an untrusted entity is beyond garbage.
> ....
> Linus
Completely agree on that one. In the industry I work for we always prefer CPUs that include all security features built in (secure boot, tamper sensors, TRNGs, cryptographic accelerators, internal SRAM secure encrypted on the fly for root key storage etc). For devices using Linux we do have decent performing CPUS like Broadcom BCM5830x series, but for Android we are forced to use external secure micro-controllers, and the impact on the cryptographic performance is sizeable.
Jose
> @never_released (none.delete@this.none.none) on August 11, 2019 11:10 am wrote:
> >
> > Why does the kernel rely on RDRAND instead of Intel ME/TXE or AMD PSP or maybe even a TPM
> > in those cases? What are the advantages of having RNG instructions right into a processor
> > instead of them being available as a coprocessor or a separate device as they should be?
>
> Performance.
>
> Performance matters. A lot.
>
> TPM is a joke, plus why should you trust TPM in the first place, when we know there are broken implementations?
> Going over a slow bus to get a random number from an untrusted entity is beyond garbage.
> ....
> Linus
Completely agree on that one. In the industry I work for we always prefer CPUs that include all security features built in (secure boot, tamper sensors, TRNGs, cryptographic accelerators, internal SRAM secure encrypted on the fly for root key storage etc). For devices using Linux we do have decent performing CPUS like Broadcom BCM5830x series, but for Android we are forced to use external secure micro-controllers, and the impact on the cryptographic performance is sizeable.
Jose