[Cryptography] Thoughts on hardware randomness sources

Marcus D. Leech mleech at ripnet.com
Tue Sep 10 12:30:06 EDT 2013


On 09/10/2013 12:04 PM, Rob Kendrick wrote:
>> I wonder what people's opinions are on things like the randomsound
>> daemon that is available for Linux.
> Daniel Silverstone, the author, specifically advises people to not use
> it. :)
I haven't actually looked at the code. Conceptually, anything with an
ADC can produce thermal and/or 1/f noise in the lowest-order bits.
Even if it's somewhat biased (like having 60Hz hum embedded in it),
with a suitable whitening function, it should produce high-quality
entropy at rates of at least several hundred bits/second.

The idea is to have *diversity* of physical random sources, to make it 
difficult for "bad actors" to subvert said hardware.

It's fairly easy to "audit" these sources of random bits, since said
bits won't have had any processing done to them in support of their
random properties (unlike the Intel HW RNG).


But this is just one aspect of a much-larger problem of "trusting trust" 
(in the Thompson sense).

-- 
Marcus Leech
Principal Investigator
Shirleys Bay Radio Astronomy Consortium
http://www.sbrac.org
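
The audit-then-whiten idea from the message above, as an added example that is not part of the original post and is not randomsound's code. The ADC capture is simulated (sample rate, hum amplitude and noise level are constructed values), and SHA-256 is an assumed choice of whitening function, since the post does not name one. The audit only measures bias in the raw bits; it does not detect correlation between them.

```python
import hashlib
import math
import random

def simulated_adc(n, noise_sigma=3.0, seed=1):
    """Constructed stand-in for a real capture: DC offset + 60 Hz hum + Gaussian noise."""
    rng = random.Random(seed)  # seeded PRNG only so the example runs offline
    fs = 8000.0                # assumed sample rate in Hz
    return [round(32768 + 200 * math.sin(2 * math.pi * 60 * i / fs)
                  + rng.gauss(0, noise_sigma)) for i in range(n)]

def raw_lsbs(samples):
    """The unprocessed bits an auditor inspects: lowest-order bit of each sample."""
    return [s & 1 for s in samples]

def audit(bits):
    """Return (fraction of ones, min-entropy per raw bit).
    Most-common-value estimate with a 99% upper confidence bound on p_max."""
    n = len(bits)
    ones = sum(bits) / n
    p_max = max(ones, 1 - ones)
    p_u = min(1.0, p_max + 2.576 * math.sqrt(p_max * (1 - p_max) / (n - 1)))
    return ones, max(0.0, -math.log2(p_u))

def whiten(bits, h_per_bit, out_bytes=32, safety=2.0):
    """Condition raw bits with SHA-256. Each output block consumes `safety` times
    the raw bits needed to cover it according to the audited min-entropy."""
    if h_per_bit <= 0.0:
        raise ValueError("source shows no entropy; refusing to produce output")
    need = math.ceil(safety * out_bytes * 8 / h_per_bit)
    blocks = []
    for i in range(0, len(bits) - need + 1, need):
        chunk = "".join(map(str, bits[i:i + need]))
        packed = int(chunk, 2).to_bytes((need + 7) // 8, "big")
        blocks.append(hashlib.sha256(packed).digest()[:out_bytes])
    return blocks

if __name__ == "__main__":
    bits = raw_lsbs(simulated_adc(20000))
    ones, h = audit(bits)
    print(f"raw bits: {len(bits)}, ones: {ones:.4f}, min-entropy/bit: {h:.4f}")
    out = whiten(bits, h)
    print(f"whitened blocks: {len(out)}, first: {out[0].hex()}")
    # A dead input (every sample identical) audits to zero entropy and is rejected.
    print("dead input min-entropy/bit:", audit([0] * 1000)[1])
```

Because the audit runs on the raw bits before hashing, a stuck or disconnected input is visible here; after whitening its output would look just as random as a healthy source.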
