[Cryptography] In search of random numbers

Fri Oct 24 13:02:59 EDT 2014

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/24/2014 01:49 AM, Hanno Böck wrote:

> The other issue you'll have is "first time boot". Then you don't have
> any entropy from previous boots.

That's a good description of the problem.

However, there is a distinction between realism, fatalism, and 
defeatism.  We must be realistic about the problem as it exists, 
but we should not fatalistically accept it as a permanent state
of affairs.  We need to fix this problem.

We require the RNG system to work correctly at all times, even
early in the startup process, even during the very first boot.

To make this possible, any device, no matter how large or small, 
MUST be *provisioned* with some entropy.  We must train people
to do this, as a basic element of sound engineering practice.

The idea of provisioning is discussed at
  "Security Recommendations for Any Device
     that Depends on Randomly-Generated Numbers"
  https://www.av8n.com/computer/htm/secure-random.htm
especially
  https://www.av8n.com/computer/htm/secure-random.htm#advice-provisioned

On 10/24/2014 05:18 AM, Alexandre Anzala-Yamajako wrote:

>> In that case there is no "last time" that can be reliably trusted.
>> Unless I misunderstood your point I don't clearly see the engineering option.

Provisioning is an option ... AFAICT the only option.