[Cryptography] The world's most secure TRNG
Bill Cox
waywardgeek at gmail.com
Wed Oct 8 20:59:02 EDT 2014
On Wed, Oct 8, 2014 at 7:00 PM, Dave Horsfall <dave at horsfall.org> wrote:
> It's possible that I may have missed this (the list seems to have spiked
> lately), but how would the device present itself to the host? A serial
> stream of random bits (like a terminal or a keyboard), or some sort of a
> structure with command and control etc?
>
> -- Dave
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
>
No command/control. In fact, I feel a lot better not having a
microcontroller on there that could transmit nasty malware when being
plugged into a new system, or which could be reprogrammed to emit
non-random data.
It's just a simple USB -> 8-bit fifo chip controlling the TRNG. The USB
controller is a FT240X, which has some reconfigurability, but not even
enough to create a 2-bit state machine.
The host just sets Ph1 high and Ph2 low and vice versa through the bit-bang
mode on the FT240X, and receives the resulting bytes one per clock. Only
one bit of each byte is output from the TRNG, so you clock it 8 times and
then send a byte to the whitener.
I'm working on the Eagle schematic and board layout now. It's a lot of
fun. I know I should put an EMI shield on the device to keep it from
leaking data to attackers, but I am leaning towards shipping naked cheap
little USB boards, similar to a DigiSpark.
How important is the proper USB connector vs a raw connector with no
housing like the DigiSpark? Do we really feel we need to wrap this thing
in metal to keep it from radiating secret bits? I figure if we feed it
into a whitener, an attacker would have to know *every* bit to know the
state of the whitener. That seems like a tall order for an attacker trying
to read bits from EMI.
Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141008/32a110bb/attachment.html>
More information about the cryptography
mailing list