[Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's chip-based crypto, FreeBSD developers say

Sandy Harris sandyinchina at gmail.com
Thu Dec 19 14:05:41 EST 2013


On Thu, Dec 19, 2013 at 12:04 PM, Stephan Mueller <smueller at chronox.de> wrote:

>>How do we safely initialize Yarrow or another software RNG if the
>>CPU's hardware RNG is compromised ...
>
> There are various implementations of RNGs that use CPU execution timing
> variations as noise source. ...
>
> So, there are noise sources which do not depend on some black box.
>
> [1] http://www.issihosts.com/haveged/
> [2] http://dankaminsky.com/2012/08/15/dakarand/
> [3] http://jytter.blogspot.se/
> [4] http://www.chronox.de/

One more is:
ftp://ftp.cs.sjtu.edu.cn:990/sandy/maxwell/

Also, if you have an unused sound device or can add one,
a very good quality and quite high volume source is:
http://www.av8n.com/turbid/paper/turbid.htm
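
The timing-variation approach quoted above, as an added example (not code from this thread or from any of the linked projects): it collects timestamp deltas around a fixed workload, applies the most-common-value min-entropy estimate from NIST SP 800-90B to them, and refuses to emit a seed when the source looks stuck. The function names, the low-byte estimate, the derating factor and the 0.05-bit threshold are assumptions of this example.

```python
import hashlib
import math
import time
from collections import Counter

def timing_deltas(n, work=64):
    """Return n deltas (ns) between timestamps taken around a small fixed workload."""
    deltas, acc = [], 0
    prev = time.perf_counter_ns()
    for _ in range(n):
        for i in range(work):              # fixed work; its run time is what varies
            acc = (acc * 31 + i) & 0xFFFFFFFF
        now = time.perf_counter_ns()
        deltas.append(now - prev)
        prev = now
    return deltas

def mcv_min_entropy(samples):
    """Most-common-value min-entropy estimate, in bits per sample."""
    n = len(samples)
    p = Counter(samples).most_common(1)[0][1] / n
    # Upper end of the 99% confidence interval on the most common value's probability.
    p_upper = min(1.0, p + 2.576 * math.sqrt(p * (1 - p) / (n - 1)))
    return -math.log2(p_upper)

def seed_from_jitter(collect=timing_deltas, target_bits=256, batch=4096, derate=4):
    """Hash timing deltas into a 32-byte seed; fail closed if the source looks stuck."""
    h = hashlib.sha256()
    credited = 0.0
    while credited < target_bits:
        deltas = collect(batch)
        # Estimate on the low byte only, then derate: deltas are not independent
        # samples, so the raw figure overstates the entropy (derate is an assumption).
        est = mcv_min_entropy([d & 0xFF for d in deltas]) / derate
        if est < 0.05:
            raise RuntimeError("timing source shows no usable variation")
        h.update(b"".join((d & (2**64 - 1)).to_bytes(8, "little") for d in deltas))
        credited += est * batch
    return h.digest()

if __name__ == "__main__":
    low = [d & 0xFF for d in timing_deltas(4096)]
    print("estimated bits/sample:", round(mcv_min_entropy(low), 2))
    print("seed:", seed_from_jitter().hex())
```

On a virtual machine or a platform with a coarse clock the estimate can collapse toward zero, which is the case the `RuntimeError` is there to catch.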

