alcinnz, OpenSSL (which I've now confirmed that I've finished studying) relies on sourcing truly random inputs an attacker cannot predict. Linux provides this via the /dev/random device-file!
The source code I'm reading has some good comments: https://lxr.missinglinkelectronics.com/linux/drivers/char/random.c
The central add-rotate-xor hashing (+ fastpath) function here is a variation on CRC checks, apparently not cryptographically-secure but rapid enough to be called upon every CPU interrupt. May be wrapped in logging and/or mutexes.
1/?
Add comment