[Cryptography] Is Ron right on randomness

Ron Garret ron at flownet.com
Sun Nov 27 01:27:26 EST 2016


On Nov 26, 2016, at 6:34 PM, Ray Dillinger <bear at sonic.net> wrote:

> 
> 
> On 11/26/2016 04:30 PM, Ron Garret wrote:
> 
>> 3.  If OpenSSL wanted to include support for an external hardware source of randomness (like, say, the SC4-HSM) I wouldn’t mind ;-)
> 
> The best use for an HWRNG, in my opinion, is with a driver that writes
> its output at some "reasonable" rate directly to /dev/random.  OpenSSL
> would be supported automatically because it normally reads that device.
> But that's just my opinion.

And I would agree.

> If you're serious about OpenSSL having direct hardware-generator support
> to address those objections, I suggest you implement this yourself and
> submit it as a patch.

I’m not really serious.  Using the SC4-HSM as a HWRNG is like using a Macbook Pro to run Calculator.app.  But a lot of people make a lot of money selling snake oil in the security business, so if someone wants to overpay me to provide them with random numbers I’m not going to object.

The real use of the SC4-HSM is, well, as an HSM, i.e. to securely store keys and to use those keys to do crypto operations, mainly generating signatures.  But you can also, for example, do decryption on board and display the result on the built-in display.

> To address legal trust issues, it will at the very least be necessary
> for you to make it clear that anyone is welcome to build compatible
> devices and may do so without incurring liability for any kind of
> intellectual property claim.

There is no proprietary hardware or software in the SC4-HSM.  It is really a very simple piece of hardware: an STM32F405 chip, a display, two buttons, and a USB connector.  And all the software is open-source.  But of course you can run anything you want on it.

The SC4-HSM exists not because I think it’s a revolutionary piece of hardware that is going to take over the world (though that would be nice) but simply because I wanted something like it and no one else was building it.  I started this work using a Teensy3, but realized very quickly that to be secure you need dedicated I/O.  There was nothing on the market that met those requirements so I decided to build it myself.

> To address crypto trust issues, don't freeze out other sources.

At the moment, the SC4-HSM presents itself as a virtual com port.  I couldn’t make that proprietary even if I wanted to.

rg
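The arrangement Ray describes above (a hardware source feeding the kernel pool so that OpenSSL and everything else pick it up through /dev/random) is usually done from userspace rather than by a kernel driver: a small daemon reads the device, health-checks the bytes, and hands them to the kernel with the RNDADDENTROPY ioctl, which is what rngd does. The following is an added example of that feeder, not code from the thread or from the SC4-HSM project. It assumes the device shows up as a serial/virtual COM port such as /dev/ttyACM0 (an assumption; the port name and the 64-byte read size are illustrative), credits only 4 of every 8 bits (an assumption standing in for a real characterisation of the source), and uses a simplified stuck-at/bias check in place of the SP 800-90B health tests. With no device path it runs offline on a constructed sample block.

```python
"""Feed a hardware RNG that appears as a virtual COM port into the Linux
kernel entropy pool via RNDADDENTROPY (the ioctl rngd uses).

Added example for illustration; not the SC4-HSM's own software.
"""
import os
import struct
import sys

try:
    import fcntl  # the ioctl path is Linux-only
except ImportError:  # pragma: no cover
    fcntl = None

# Linux ioctl number layout (asm-generic/ioctl.h): dir(2) | size(14) | type(8) | nr(8)
_IOC_WRITE = 1


def ioc_w(type_char: str, nr: int, size: int) -> int:
    """Encode _IOW(type, nr, size) exactly as the kernel headers do."""
    return (_IOC_WRITE << 30) | (size << 16) | (ord(type_char) << 8) | nr


# RNDADDENTROPY = _IOW('R', 0x03, int[2]) == 0x40085203 on Linux
RNDADDENTROPY = ioc_w("R", 0x03, struct.calcsize("ii"))

# Assumption, not a measured figure: credit half the bits so a mediocre source
# cannot inflate the kernel's entropy estimate. Base this on a real
# characterisation of the device (e.g. SP 800-90B) in any deployment.
CREDIT_BITS_PER_BYTE = 4


def build_rand_pool_info(raw: bytes, credit_bits_per_byte: int = CREDIT_BITS_PER_BYTE) -> bytes:
    """Pack struct rand_pool_info { int entropy_count; int buf_size; __u32 buf[]; }.

    entropy_count is the number of bits the kernel will *credit*; buf_size is
    the byte length of the payload that follows the two ints.
    """
    if not raw:
        raise ValueError("refusing to credit entropy for an empty block")
    if not 0 <= credit_bits_per_byte <= 8:
        raise ValueError("cannot credit more than 8 bits per byte")
    return struct.pack("ii", len(raw) * credit_bits_per_byte, len(raw)) + raw


def passes_health_check(block: bytes, min_len: int = 32, max_share: float = 0.25) -> bool:
    """Cheap stuck-at / gross-bias test: a simplified stand-in for the
    SP 800-90B repetition-count and adaptive-proportion tests.

    Rejects blocks that are too short to judge, blocks where one byte value
    takes more than max_share of the samples, and any run of 8 identical
    bytes (probability about 2^-56 per position from a good 8-bit source).
    """
    if len(block) < min_len:
        return False
    counts = [0] * 256
    for b in block:
        counts[b] += 1
    if max(counts) > max_share * len(block):
        return False
    run, prev = 0, None
    for b in block:
        run = run + 1 if b == prev else 1
        prev = b
        if run >= 8:
            return False
    return True


def feed_entropy(fd: int, block: bytes, credit_bits_per_byte: int = CREDIT_BITS_PER_BYTE) -> int:
    """Mix `block` into the kernel pool and credit entropy for it.

    Needs CAP_SYS_ADMIN; `fd` is an open descriptor on /dev/random.
    Returns the number of bits credited.
    """
    if fcntl is None:
        raise OSError("RNDADDENTROPY is a Linux ioctl")
    if not passes_health_check(block):
        raise ValueError("block failed health check; not crediting entropy")
    fcntl.ioctl(fd, RNDADDENTROPY, build_rand_pool_info(block, credit_bits_per_byte))
    return len(block) * credit_bits_per_byte


def main(argv):
    # argv[1] would be the device, e.g. /dev/ttyACM0 (assumed name). Without
    # one, use a constructed block so the script runs offline; it is NOT random.
    source_path = argv[1] if len(argv) > 1 else None
    if source_path:
        with open(source_path, "rb", buffering=0) as src:
            block = src.read(64)
    else:
        block = bytes((i * 73 + 41) & 0xFF for i in range(64))  # constructed sample
    if not passes_health_check(block):
        print("source failed health check; nothing fed")
        return 1
    if os.name == "posix" and os.geteuid() == 0:
        fd = os.open("/dev/random", os.O_WRONLY)
        try:
            print("credited %d bits" % feed_entropy(fd, block))
        finally:
            os.close(fd)
    else:
        print("not root: would credit %d bits for %d bytes" % (len(block) * CREDIT_BITS_PER_BYTE, len(block)))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The privileged part is the credit, not the mixing: an unprivileged process can simply write to /dev/random and the kernel will mix the bytes into the pool without trusting them, which is the safe default for a source you have not characterised. Only use RNDADDENTROPY, and only at a rate the device can actually justify, once you have a health check in the loop, since a stuck or failing device that is still being credited is worse than no device at all.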
