---

SecuriTeam: Holes in the Linux Random Number Generator

“The Linux random number generator is part of the kernel of all
Linux distributions and is based on generating randomness from
entropy of operating system events. The output of this generator is
used for almost every security protocol, including TLS/SSL key
generation, choosing TCP sequence numbers, and file system and
email encryption.

“Although the generator is part of an open source project, its
source code (about 2500 lines of code) is poorly documented, and
patched with hundreds of code patches…”

Complete
Story