<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Dec 12, 2013 at 3:44 AM, Arnold Reinhold <span dir="ltr"><<a href="mailto:agr@me.com" target="_blank">agr@me.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div>On 10 Dec 2013 16:26, Bill Cox wrote:</div><div><br></div><blockquote type="cite">... I took a good <br>look at Intel's hardware random number generator source. There's a paper <br>
analyzing it here:</blockquote><div></div></div></blockquote><div>Thanks for the link...</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div>My problem with the Intel design is that there is no way to audit it. <br></div><div></div></div></blockquote><div><br></div><div>True...</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div style="word-wrap:break-word"><div>Here is an idea I have been playing with to provide a slow but auditable source of entropy.</div><div><br></div><div>I propose combining an accelerometer chip to collect entropy with would provide a physically un-cloneable element. The rattle would be completely mechanical, but could be designed with solderable leads for automatic part placement machines, or it could be epoxied in place. It would be possible to immobilize the rattle with a magnet if ferrous ball bearings are used, or in a centrifuge. This could be useful for testing and it should be possible for software to distinguish the proper operation of the rattle statistically.</div>
<div><br></div></div></blockquote><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div style="word-wrap:break-word">
<div></div><div>This entropy generator would be cheap, simple and low</div></div></blockquote></div><div><br></div><div>There are some low cost development tools to play</div><div>with sensors. I think some of these offer potential and</div>
<div>are worthy of investing some effort in.</div><div><br></div></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div class="gmail_extra"><div>One is:</div></div><div class="gmail_extra"><div>element14 MEMS Sensors Board Evaluation Kit </div>
</div><div class="gmail_extra"><div>element14 and Freescale have partnered together to introduce an evaluation platform for Freescale's next-generation Xtrinsic MEMS sensors. The kit features the following:</div></div>
<div class="gmail_extra"><div><br></div></div><div class="gmail_extra"><div>MPL3115A2: Highly precise altitude and pressure sensor</div></div><div class="gmail_extra"><div> - Pressure range: 20 – 110 kPa</div></div><div class="gmail_extra">
<div> - Less than 1 foot / 0.3 m resolution</div></div><div class="gmail_extra"><div>MAG3110: Low-power digital 3-D magnetic sensor</div></div><div class="gmail_extra"><div> - Measuring local magnetic fields up to 10 Gauss</div>
</div><div class="gmail_extra"><div>MMA8491Q: 3-axis accelerometer</div></div><div class="gmail_extra"><div> - Ultra-low-power tamper detection and tilt sensor</div></div></blockquote><div><br></div>Texas instruments has a comparable development board... slightly more<div>
interesting sensors.<br><br>So, yes a handful of ball bearing rolling around perturbing the magnetic<div>sensor a little or a lot. Voice, AirCon, wind, weather, doors perturbing </div><div>the pressure sensor.</div><div>
<br></div><div>Slurp up a data stream from something like this at the end of a USB</div><div>link and sprinkle these bits into the bits from the processor RNG and</div><div>you have added some serious entropy to the bit stream that I assert(need-a-test)</div>
<div>could confound the risk that the Intel or Arm processor RNG has some </div><div>guessable quality.</div><div><br></div><div>I see little or no reason to not encourage a cottage industry of mint-tin</div><div>size devices that connect to USB links and serve one or more security</div>
<div>functions from RNG to public key ring keepers not directly under the control</div><div>of the main OS or Main System Hardware.</div><div><br></div><div>Should someone invent an improved or alternate solution unplug one </div>
<div>mint-tin of fun and plug in another. <br><br>I should note that the Raspberry-Pi ARM processor appears to have a RNG function </div><div>and there are are sensor experiments in abundance.</div><div><br></div><div>One experiment I might make is an ADC and DAC loop where some input</div>
<div>is read and then an analog output generated to be measured by the </div><div>same or another ADC. The uncertainty of the LSB.</div><div><br></div><div>Multiple sensors, multiple methods not exactly the same in many Altoid size Mint tins might confound</div>
<div>the most skilled external analysis.</div><div></two.cents></div><div><br></div><div><br><div class="gmail_extra"><div><br><br><br>-- </div><div dir="ltr"> T o m M i t c h e l l</div>
</div></div></div></div>