CPRNGs are still an issue.

Sandy Harris sandyinchina at gmail.com
Mon Dec 15 19:30:34 EST 2008


Bill Frantz <frantz at pwpconsult.com> wrote:

> Short of building special random number generation hardware, does
> anyone have any suggestions for additional sources?

Any unused input device with noise can be used. Examples:
Soundcard: http://www.av8n.com/turbid/
Camera: http://www.lavarnd.org/

If anything in the system changes a lot, like processes starting
and stopping or files opening & closing, periodically hashing
the tables that describe that state is useful.

Is your threat model one-sided? e.g. for a home router, attacks
from the Internet side might be more of a worry than attacks
from the LAN. In that case, things like packet timing on the
LAN side are unknown to the feared attacker. Also, if you are
doing NAT, the port numbers on the LAN side are unknown to them,
since those are not sent outside.

If the device does any crypto, mixing ciphertext into the pool
is nowhere near ideal since you would not be encrypting
unless some enemy might get the text, and using things an
enemy can get is exactly what you do not want here.
However, it is cheap and random-looking, and the volume
is proportional to the amount of crypto done, so it might
help in some cases.

-- 
Sandy Harris,
Quanzhou, Fujian, China
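The two "software" sources from the message above (periodically hashing a changing state table, and LAN-side packet timing) as a toy entropy pool. This is an added illustration, not code from the poster or from any real RNG; the snapshot, the timestamps and the per-source entropy credits are constructed assumptions, chosen deliberately small so that a static table earns nothing and output is refused until enough has been credited.

```python
import hashlib
import hmac

# Constructed sample inputs (not real measurements): a process-table
# snapshot and LAN packet arrival timestamps in nanoseconds.
PROC_SNAPSHOT = b"1 init S\n412 sshd S\n977 dropbear S\n1203 httpd R\n"
LAN_ARRIVALS_NS = [1000123, 1000987, 1003611, 1003640, 1009122, 1010001]


class EntropyPool:
    """Toy SHA-256 pool: each source is mixed under its own tag and credited
    a conservative number of bits; output is released only when the credit
    covers the request, and the state is ratcheted after every extraction."""

    def __init__(self, seed=b"constructed-seed"):
        self.state = hashlib.sha256(b"pool-init" + seed).digest()
        self.credit = 0.0  # estimated entropy bits currently in the pool

    def mix(self, tag, data, est_bits):
        framed = len(tag).to_bytes(1, "big") + tag + data  # tag is length-prefixed
        self.state = hashlib.sha256(self.state + framed).digest()
        self.credit = min(256.0, self.credit + est_bits)

    def extract(self, nbytes):
        if self.credit < nbytes * 8:
            raise RuntimeError("not enough credited entropy")
        out = hmac.new(self.state, b"extract", hashlib.sha256).digest()[:nbytes]
        self.state = hashlib.sha256(self.state + b"ratchet").digest()
        self.credit -= nbytes * 8
        return out


def mix_state_table(pool, prev_hash, snapshot, bits_if_changed=4.0):
    """Hash a state table (e.g. a process list). Credit entropy only when the
    snapshot differs from the previous one: a static table carries none."""
    h = hashlib.sha256(snapshot).digest()
    pool.mix(b"proc", h, bits_if_changed if h != prev_hash else 0.0)
    return h


def mix_lan_timing(pool, arrivals_ns, bits_per_gap=0.5):
    """Feed the low byte of each inter-arrival gap, crediting half a bit per gap."""
    gaps = [b - a for a, b in zip(arrivals_ns, arrivals_ns[1:])]
    pool.mix(b"lan", bytes(g & 0xFF for g in gaps), bits_per_gap * len(gaps))
    return len(gaps)


def demo():
    pool = EntropyPool()
    h = mix_state_table(pool, None, PROC_SNAPSHOT)  # changed: +4 bits
    mix_state_table(pool, h, PROC_SNAPSHOT)         # unchanged: +0 bits
    mix_lan_timing(pool, LAN_ARRIVALS_NS)           # 5 gaps: +2.5 bits
    return pool
```

After `demo()` the pool holds only 6.5 credited bits, so a request for even one byte is refused until more observations are mixed in.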
