[Cryptography] Finding Entropy Isn't That Hard

Kent Borg kentborg at borg.org
Thu Sep 12 11:52:20 EDT 2013

On 09/12/2013 10:41 AM, Kent Borg wrote:
> routers and servers are not as bad off as people say. 

Not that more sources is bad.  A new trustworthy HW entropy source would 
be good.  Even a suspect rdrand is worth XORing in (as Linux does on the 
machine I am using right now).

But if you thirst for more entropy keep looking in your current 
hardware, server boxes are particularly good hunting grounds for a few 
more dribs of entropy:

  - current RPM of all the fans (the proverbial entropy-starved server 
can have a lot of fans)
  - temperatures
  - voltages
  - disk ("SMART") statistics (temperatures and error counts, multiplied 
by the number of disks)

These are all things that could wear out or go wrong, which means they 
need monitoring because...you can't otherwise know what they are.  Cool, 
that's a decent definition of entropy.  Sample them regularly and hash 
them into your entropy pool.  Not a lot of bandwidth there, but if your 
RNG does a good job of hiding its internal state, and you are mixing in 
a dozen more bits here and a dozen more bits there...pretty soon you 
have made the attacker's job a lot harder.

Maybe not as sexy as a lavalamp or radioactive gizmos, but more 
practical and available now.


More information about the cryptography mailing list