[Cryptography] A review per day of TRNGs: OneRNG

Jerry Leichter leichter at lrw.com
Wed Oct 22 12:46:17 EDT 2014

On Oct 22, 2014, at 10:01 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> As for downsides....  Also, the possibility of having it reprogrammed by an attacker who intercepts it in the mail remains an issue, since most users will not likely re-flash their device.  I am not sure if the flash can be dumped securely over USB, or if an attacker can mod the program to deliver the original firmware, hiding the malware.
Sounds like a great application for "sparkly nail polish" security.  Paint over the access points - the outside screws, the chips and on to the board, over a piece of tap sealing the USB - with one of those nail polishes with sparkly bits in it.  Take photos of each spot and deliver separately from the device itself, preferably through multiple channels (e.g., send in a separate envelope, and put signed copies on line).  The exact speckle pattern is random and as far as I know impossible to duplicate.  It's also easy to check "by eye".
                                                        -- Jerry

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4813 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141022/e351a512/attachment.bin>

More information about the cryptography mailing list