Sweet mother of divine Jesus Christ and the twelve apostles.
Forgive me, but my patience is wearing thin as I have posted this idea on
several forums and been meet with the same response every time.
I shall now use all caps to convey my annoyance.
IF ONE IS OKAY WITH THE SPEED AT WHICH RANDOM BITS CAN BE RETRIEVED FROM
THE TMP2, THEN.... Can we please put together some code so that the TPM2
can feed directly into /dev/null.
On Friday, December 13, 2019, Steven Clark <davolfman(a)gmail.com> wrote:
This is probably a much worse idea than you think it is.
2.0 communication has been kinda slow and only improved in some relatively
recent kernels. The general theory that seems to apply to the kind of
entropy mixing the kernel does is that entropy is conserved and that faulty
sources just don't add entropy. And thanks to the mixing they can't
manipulate the pool enough for an attack. Given there are stirring
commands, even the TPM RNG is probably not collecting real entropy all that
fast, so it would probably become a PRNG in slow hardware on a slow bus if
used as the only RNG.