
The SOURCE for truly random numbers in the kernel is external hardware

Posted Sep 19, 2013 15:21 UTC (Thu) by pizza (subscriber, #46)
In reply to: The SOURCE for truly random numbers in the kernel is external hardware by faramir
Parent article: The search for truly random numbers in the kernel

>it should be possible to build a USB attachable source of truly random numbers for a reasonable amount of money.

There's an outfit out of the UK (www.entropykey.co.uk) that was selling such a widget for about $60, but they've hit some sort of unrelated financial problems and haven't been able to make/ship any for some time now.

In the meantime, I'm actually working on a USB-attached RNG now, utilizing an STM32F4 MCU, which has a high-quality hardware RNG onboard. You can buy the eval boards for $15 in single-unit quantity (STM32F4DISCOVERY), so I don't think there's much of a point in trying to design a custom board since we won't be able to meet that price target without a large enough initial order.

When I get it working (The USB stack is a bit of a PITA), I'll be releasing the firmware (and appropriate Linux code) under the GPL. If there's enough interest in dedicated hardware, perhaps Kickstarter may be an option, hmm.



The SOURCE for truly random numbers in the kernel is external hardware

Posted Sep 19, 2013 15:46 UTC (Thu) by felixfix (subscriber, #242)

But if commercial RNGs are not to be trusted, packaging it into a USB stick doesn't magically remove the stigma.

The SOURCE for truly random numbers in the kernel is external hardware

Posted Sep 19, 2013 17:52 UTC (Thu) by daney (subscriber, #24551)

You may not trust a commercial RNG, but if the USB interface to said class of devices were standardized, you might have the option of easily switching RNG vendor.

The SOURCE for truly random numbers in the kernel is external hardware

Posted Sep 19, 2013 18:06 UTC (Thu) by pizza (subscriber, #46)

My servers are perpetually entropy-starved simply by random web crawlers hitting their TLS-exposed services. A full entropy pool is typically depleted within a few seconds, even under low-load situations.

Meanwhile, I won't be using the RNG output of the STM32 directly; it will be mixed and mangled before being passed to the host -- and since Linux will mix it with its other entropy sources, it's considerably less likely to be a problem.

Besides, let's be honest here, if you distrust commercial RNGs, wouldn't any random pre-packaged RNG design be equally suspect? Just because the design/code is open source doesn't mean there's not a weakness in it that only the NSAs in the world are capable of recognizing. And besides, even assuming noble intentions, designing a good RNG is *hard*; I'm actually more likely to introduce weaknesses (as opposed to improvements) with my meddling.
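Added example, not part of the thread and not the firmware or Linux code any commenter describes: a host-side sketch of the flow discussed above, in which raw bytes from an external RNG are checked for a stuck source, hashed, and handed to the Linux pool through the `RNDADDENTROPY` ioctl with a deliberately low entropy credit. The function names, the 128-byte block size, the run-length cutoff of 5 and the 4-bits-per-byte credit are assumptions chosen for illustration.

```python
import fcntl
import hashlib
import struct

# _IOW('R', 0x03, int[2]) from <linux/random.h>
RNDADDENTROPY = 0x40085203
MIN_RAW = 128  # assumed: raw bytes required per 64-byte conditioned block


def repetition_ok(raw: bytes, cutoff: int = 5) -> bool:
    """Stuck-source check: reject if one byte value repeats `cutoff` times in a row."""
    run = 1
    for prev, cur in zip(raw, raw[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True


def condition(raw: bytes) -> bytes:
    """Hash the raw samples so the kernel never receives device output directly."""
    return hashlib.sha512(raw).digest()


def build_request(data: bytes, bits_per_byte: int) -> bytes:
    """Pack struct rand_pool_info: int entropy_count (bits), int buf_size (bytes), buf."""
    if not 0 <= bits_per_byte <= 8:
        raise ValueError("entropy credit must be 0..8 bits per byte")
    return struct.pack("ii", len(data) * bits_per_byte, len(data)) + data


def feed(raw: bytes, bits_per_byte: int = 4, dev: str = "/dev/random") -> bool:
    """Condition one raw block and credit it to the pool; False if the block is rejected."""
    if len(raw) < MIN_RAW or not repetition_ok(raw):
        return False
    request = build_request(condition(raw), bits_per_byte)
    with open(dev, "wb") as pool:
        fcntl.ioctl(pool, RNDADDENTROPY, request)  # requires CAP_SYS_ADMIN
    return True
```

Crediting fewer bits than the buffer holds limits how much the pool's entropy estimate depends on a device that may be weaker than advertised; the kernel still mixes the bytes with its other sources either way.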
