What if you had a very good entropy source, but only practical at crypto engine installation time?
Thierry Moreau
thierry.moreau at connotech.com
Wed Oct 6 12:48:25 EDT 2010
Dear all:
The PUDEC (Practical Use of Dice for Entropy Collection) scheme has been
advanced. The new web page is at http://pudec.connotech.com
The main technical advance in this release is the documentation of
(deterministic) algorithmic support (
http://pudec.connotech.com/pudec_algo.html ). This development effort
uses a structured process as if it targeted FIPS140-2 level 4
certification, hence the release of documentation before reference
source code.
Plus the PUDEC dice sets are now offered for sale.
If you are part of an open source project (GPL) for a cryptographic key
management server or an "open source HSM" and you see a useful feature
in self-evident entropy source, don't hesitate to contact me (I would
consider an open source contribution if such projects have a reasonable
chance of critical mass adoption).
Enjoy!
Thierry Moreau wrote:
>
> See http://www.connotech.com/doc_pudec_descr.html .
>
> (OK, it's also practical whenever the server needs servicing by trusted
> personnel.)
>
> Then, you care about the deterministic PRNG properties, the secrecy of
> its current state, and the prevention of PRNG output replays from an
> out-of-date saved state.
>
> And bingo, you solved the random secret generation issue satisfactorily!
>
> Regards,
>
--
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
Tel. +1-514-385-5691
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list