[Cryptography] randomness +- entropy
Jerry Leichter
leichter at lrw.com
Thu Nov 7 14:08:40 EST 2013
On Nov 7, 2013, at 1:07 PM, Sandy Harris <sandyinchina at gmail.com> wrote:
> As John says, the right solution in that case is almost certainly to
> boot from USB instead so you can have some writable storage than can
> hold a seed file between reboots.
I answered this separately: Adding writable storage will most likely *reduce* security.
> In other situations -- a Linux
> smartphone or an embedded system with severe limitations -- none of
> the known-good solutions may work. No on-board hardware RNG, no free
> sound device for Turbid, no writable storage for a seed, ...
The smartphone and the embedded system are *very* different. Any phone has a microphone and a radio. Unfortunately, the radios are usually sealed off so you couldn't use them as a source of radio noise; but the microphones are wide open. And there are plenty of other environmental sensors - location, movement, orientation, ambient lighting level. Not to mention a display you can use to ask the user to enter stuff on the keypad. Smartphones are *easy* - though historically some of them have done a crappy job, even with the rich sources they have available.
Embedded systems are among the hardest. People want routers and switches and similar hardware to need zero configuration, and yet some of them play essential cryptographic roles and really need good sources of randomness.
-- Jerry
More information about the cryptography
mailing list