Time - The final frontier

Jitter RNG Entropy Source

The Jitter RNG software-based entropy source offers entropy on almost every execution environment.

Linux Random Number Generator – a new approach to the Linux /dev/random

The LRNG provides an API and ABI drop-in replacement of the Linux /dev/random.

libkcapi - Linux Kernel Crypto API User Space Interface Library

Using the libkcapi, the Linux kernel crypto API can be accessed from user space.

Comment of Bug CVE-2026-31431

The bug referenced by CVE-2026-31431 is a grave securty issue allowing an unprivileged user to gain root access by misusing a kernel interface.

That issue materialized by (1) AF_ALG opening an interface to kernel crypto API algorithms and (2) a kernel crypto API algorithm implementation that performed operations safe in kernel environments, but unsafe when triggered by user space. The immediate sensible solution by the kernel developers was to disable the interface allowing the use of the kernel mechanism.

Calling the interface of AF_ALG as the culprit of the issue, however, falls definitely short of understanding the nature of the bug as all it does is to provide the door to the kernel mechanisms where the door itself (i.e. my patch that got reverted) does not have a bug in itself. The reversion of my patch “shuts the door” to the kernel mechanisms that can be misused.

That said, however, it highlights one general issue of the AF_ALG interface and perhaps the kernel architecture that should be considered in future developments. The AF_ALG interface opens by its very nature a very large attack surface to the kernel as it makes mechanisms developed for in-kernel use (i.e the cryptographic algorithm implementations) available to potentially hostile user space. While working on the AF_ALG interface I was very much aware of this issue, asked for additional code review and proposed to only enable AF_ALG interface when truly needed, i.e. when having hardware cryptographic services that user space should use where the hardware is not accessible from user space directly unlike the CPU instructions for cryptographic operations.

But it also hints to a much deeper issue: why is there any need to have drivers making cryptographic hardware available in kernel space and thus the need for AF_ALG? Even today, drivers can be implemented in user space by making the MMIO registers available the “driver application” that interfaces with the hardware. Any bug in such a driver application will remain local to that app and will not jeopardize the entire system. You can drive that question even to the extreme: why is there a need for large numbers of drivers and other code in kernel space? Yes, these questions have been raised time and again. But perhaps it should be re-assessed again?

Entropy Source and DRNG Manager … or /dev/random in user space

The ESDM provides and API and ABI drop-in replacement of the Linux /dev/random device which is entirely implemented in user space.

ACVP Parser

With the ACVP Parser cryptographic algorithms and implementations can be tested against the NIST ACVP server to obtain CAVP certificates.

ACVP Proxy

In order to obtain ACVP test vectors from the NIST servers, the ACVP Proxy offers an efficient handling of thousands and even tens of thousands of test vectors.

ChaCha20 DRNG

Using the ChaCha20 algorithm, the ChaCha20 DRNG is specified.

Crypto Performance Measurement for Linux kernel crypto API

The performance of the Linux kernel crypto API can be measured with the cryptoperf tool.