FreeBSD operating system developers have decided that they will no longer allow users to trust processors manufactured by Intel and Via to provide random numbers.
The random numbers are said to generate cryptographic keys that can’t easily be cracked by the NSA, or other hackers.
The upcoming FreeBSD version 10.0 takes into account secret documents leaked by former National Security Agency (NSA) subcontractor Edward Snowden that said the US spy agency was able to decode vast swaths of the Internet’s encrypted traffic.
According to the FreeBSD spec, the new version of the operating system will use hardware-based random number generators to seed the data used to ensure cryptographic systems cannot be broken by adversaries.
“RDRAND” and “Padlock”— random number generators (RNGs) provided by Intel and Via respectively – will not be the sources used by FreeBSM to directly feed random numbers into the /dev/random engine used to generate random data in Unix.
Instead it will only use RDRAND and Padlock to seed /dev/random only after it has passed through a separate RNG algorithm known as “Yarrow.”
Yarrow will add another layer to the data to ensure intentional backdoors, or un-patched weaknesses, in the hardware generators can’t be used by adversaries to predict their output.
Although these changes are being connected to the allegations of backdoors raised in documents leaked by Snowden, many in the community think that the move would have been a good idea even if those weaknesses never came to light.
By adding extra sources of randomness to RDRAND, Padlock, and other RNGs will not reduce their entropy and may make the keys they help generate harder to crack.