Re: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()

7 Oct 2019

      The TPM library specification states that the TPM must comply with NIST 
SP800-90 A.
https://trustedcomputinggroup.org/membership/certification/tpm-certified-pro...
shows that the TPMs get third party certification, Common Criteria EAL 4+.
While it's theoretically possible that an attacker could compromise
both the TPM vendors and the evaluation agencies, we do have EAL 4+ 
assurance against both 1 and 2.
On 10/6/2019 8:05 PM, Jarkko Sakkinen wrote:
...
Kernel has the random number generator for two reasons:

To protect against bugs in hwrng's.
To protect against deliberate backdoors in hwrng's.

How TPM RNG is guaranteed to protect against both 1 and 2?

2025

2024

2023

2022

2021

2020

2019

2018

2017

Re: [PATCH] KEYS: asym_tpm: Switch to get_random_bytes()