User: Password:
|
|
Subscribe / Log in / New account

Definitely not speaking for my employer, but here goes..

Definitely not speaking for my employer, but here goes..

Posted Jul 21, 2012 3:22 UTC (Sat) by DavidJohnston (guest, #85852)
In reply to: Definitely not speaking for my employer, but here goes.. by nix
Parent article: Random numbers for embedded devices

Then I suspect no hardware product will meet your needs.


(Log in to post comments)

Definitely not speaking for my employer, but here goes..

Posted Jul 21, 2012 13:48 UTC (Sat) by nix (subscriber, #2304) [Link]

Precisely my point. Or, rather, they do meet my needs, but my needs do not include having this stuff contribute to the entropy estimate. I can't trust that it is truly entropy. That doesn't mean it won't help keep your random numbers look random, of course: it still mixes into the pool.

Definitely not speaking for my employer, but here goes..

Posted Aug 18, 2012 16:32 UTC (Sat) by kjp (subscriber, #39639) [Link]

Use an FM or TV tuner and use the white noise for entropy. I'd trust that.

Definitely not speaking for my employer, but here goes..

Posted Aug 18, 2012 21:37 UTC (Sat) by nix (subscriber, #2304) [Link]

Really? That noise is often fearfully non-random and highly correlated, and anyone with a radio transmitter or indeed any electrical device can introduce new patterning. It's... not a good noise source on its own (though obviously it contains noise, so it could probably contribute *some* entropy.)

Definitely not speaking for my employer, but here goes..

Posted Jul 23, 2012 17:19 UTC (Mon) by tytso (subscriber, #9993) [Link]

Of course there could be hardware products that would meet an independent auditability criteria. It would require a completely open hardware design where the only thing that is done in hardware is a noise diode, and the minimal circuitry to convert the analog signal into a digital one. A quick google search reveraled something like this that could perhaps be used as a basis of such an implementation:

https://mywebspace.wisc.edu/lnmaurer/web/minirng/minirng....

Add a simple USB interface so it can be plugged into a laptop or a server, but the key point is that it's a open hardware design, using basic commodity parts whose operation can be easily verified.

Then what we do in open source software is all of the hard work of analyzing the raw output of the hardware circuit, to make sure it hasn't failed, and then all of the whitening using AES, etc. Alternatively, we could take the unwhitened output and just feed it into /dev/random (since the /dev/[u]random entropy pools will take care of doing the whitening for us).

Definitely not speaking for my employer, but here goes..

Posted Jul 24, 2012 16:59 UTC (Tue) by nix (subscriber, #2304) [Link]

Alternatively, we could take the unwhitened output and just feed it into /dev/random (since the /dev/[u]random entropy pools will take care of doing the whitening for us).
This is exactly what the Entropy Key's daemon does. There's no point in engaging in whitening and the like, since the key already does all of that (mixing together the output of two RNGs, making sure they are not correlated, and the like) and the daemon just asks the key 'are you broken?' and stops feeding entropy into /dev/random if it says it is.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds