Re: [edk2-devel] [PATCH v1 07/14] NetworkPkg:: SECURITY PATCH CVE-2023-45237

["Ard Biesheuvel" <ardb@kernel.org>]

On Wed, 8 May 2024 at 18:47, Doug Flick via groups.io
<dougflick=microsoft.com@groups.io> wrote:
>
> I don't disagree.
>
> The intent is not to be limited by NIST specified standards but rather the only UEFI Spec defined algorithms are NIST Standards.
>
> https://uefi.org/specs/UEFI/2.10/37_Secure_Technologies.html#efi-rng-algorithm-definitions
>
> I'm not sure what's the best way to clarify this distinction
>

The issue here is that virtio-rng only exposes the 'raw' RNG protocol,
which is what the underlying hardware claims to implement.

This has a special status in the spec, as it can be used as an entropy
source for the NIST algorithms, the security strength of which is
cannot exceed the security strength represented by the size of the
seed consumed from the raw input.

So in that sense, it might be appropriate to treat the raw protocol in
the same way as the NIST ones, and permit them, call them 'secure'
etc. Only when taking the default (ergo unspecified) algorithm should
we conclude that the algorithm may be less strong than what the spec
requires.

What would help is if RngDxe could wrap an implementation of the raw
RNG protocol produced by another driver, and produce the NIST DRBGs
based on that - perhaps I should look into that.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#118699): https://edk2.groups.io/g/devel/message/118699
Mute This Topic: https://groups.io/mt/105983246/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-