[Cryptography] The world's most secure TRNG

[ianG]

On 9/10/2014 01:59 am, Bill Cox wrote:
> On Wed, Oct 8, 2014 at 7:00 PM, Dave Horsfall <dave at horsfall.org
> <mailto:dave at horsfall.org>> wrote:
> 
>     It's possible that I may have missed this (the list seems to have spiked
>     lately), but how would the device present itself to the host?  A serial
>     stream of random bits (like a terminal or a keyboard), or some sort of a
>     structure with command and control etc?
> 
>     -- Dave
>     _______________________________________________
>     The cryptography mailing list
>     cryptography at metzdowd.com <mailto:cryptography at metzdowd.com>
>     http://www.metzdowd.com/mailman/listinfo/cryptography
> 
> 
> No command/control.  In fact, I feel a lot better not having a
> microcontroller on there that could transmit nasty malware when being
> plugged into a new system, or which could be reprogrammed to emit
> non-random data.


My guess is that if you don't have an easy defined interface (file? tty)
then it won't work in the marketplace.

In terms of the nasty malware, what would be nice would be a firewall.
A device that has male & female and sits there and watches for naughty
traffic.  If this came with a good RN source as well, I'd reckon it
would be a hit.


...
> How important is the proper USB connector vs a raw connector with no
> housing like the DigiSpark?  Do we really feel we need to wrap this
> thing in metal to keep it from radiating secret bits?


Yes, otherwise it will be noisy :)  You don't want it interfering with
random gear.

You could probably get away without in a prototype device and encourage
someone to do some testing...


> I figure if we
> feed it into a whitener, an attacker would have to know *every* bit to
> know the state of the whitener.  That seems like a tall order for an
> attacker trying to read bits from EMI.


Oh, no :)  In the crypto world we deal with bit-rated paranoia.  Even
one bit leaked to an attacker will earn the device the BROKEN award.



iang