[Cryptography] A TRNG review per day (week?): ATSHA204A has low entropy

Bill Cox waywardgeek at gmail.com
Wed Dec 10 06:08:07 EST 2014

On Tue, Dec 9, 2014 at 4:46 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz>

> "Cox, Landon" <Landon.Cox at atmel.com> writes:
> >You are correct, you should always update the seed between wake/sleep
> power
> >cycles.
> Does this problem affect the ATECC108 as well?  The data sheet (well,
> extended
> brochure since you can't get the data sheet publicly) for this is from
> October
> 2013, which predates the fix introduced in the ATSHA204A (July 2014) by
> quite
> some time.
> Peter.
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

This part uses the same language to describe the random number generator.
It is "high quality".  I think that's pretty funny.

I would be interested in seeing if the new part can generate random numbers
continuously, or if it fails after it's EEPROM wears out like their other
parts.  The use of an EEPROM seed is for PWN-ing your RNG, not making it
more secure.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141210/4526025a/attachment.html>

More information about the cryptography mailing list