| |||||||||||||
The SOURCE for truly random numbers in the kernel is external hardwareThe SOURCE for truly random numbers in the kernel is external hardwarePosted Sep 19, 2013 15:46 UTC (Thu) by felixfix (subscriber, #242)In reply to: The SOURCE for truly random numbers in the kernel is external hardware by pizza Parent article: The search for truly random numbers in the kernel
But if commercial RNGs are not to be trusted, packaging it into a USB stick doesn't magically remove the stigma.
(Log in to post comments)
The SOURCE for truly random numbers in the kernel is external hardware Posted Sep 19, 2013 17:52 UTC (Thu) by daney (subscriber, #24551) [Link]
You may not trust a commercial RNG, but if the USB interface to said class of devices were standardized, you might have the option of easily switching RNG vendor.
The SOURCE for truly random numbers in the kernel is external hardware Posted Sep 19, 2013 18:06 UTC (Thu) by pizza (subscriber, #46) [Link]
My servers are perpetually entropy-starved simply by random web crawlers hitting its TLS-exposed services. A full entropy pool is typically depleted within a few seconds, even under low-load situations.
Meanwhile, I won't be using the RNG output of the STM32 directly; it will be mixed and mangled before being passed to the host -- and since Linux will mix it with its other entropy sources, it's considerably less likely to be a problem.
Besides, let's be honest here, if you distrust commercial RNGs, wouldn't any random pre-packaged RNG design be equally suspect? Just because the design/code is open source doesn't mean there's not a weakness in it that only the NSAs in the world are capable of recognizing. And besides, even assuming noble intentions, designing a good RNG is *hard*; I'm actually more likely to introduce weaknesses (as opposed to improvements) with my meddling.
|
|||||||||||||