[Cryptography] The Crypto Pi

Bakul Shah bakul at bitblocks.com
Tue Jan 13 14:36:56 EST 2015


On Tue, 13 Jan 2015 08:14:43 +0100 Ralf Senderek <crypto at senderek.ie> wrote:
> On Mon Jan 12 2015 John Ioannidis wrote:
> 
> > There does not appear to be anything Pi-specific about this. Am I missing
> > something?
> > 
> > /ji
> 
> No, you don't. In fact, the core software of the Crypto Pi project will run
> on different hardware and (maybe) run on top of any *nix platform that
> provides some basic tools. In its current version it uses a fraction of the
> functionality of /usr/bin/gpg (AES) and reads 20 Bytes of /dev/random to get
> 160 bit of "unpredictability" for each message sent. It is essential not to
> tie the Crypto Pi to a specific pre-condition unless there is a reason for it.
> 
> That brings me back to my original question: Is it (in any sense) more secure
> to avoid reading key material from /dev/random and use the hardware RNG
> instead or in addition?

According to
http://www.raspberrypi.org/forums/viewtopic.php?f=29&t=19334&start=275#p273944
RPi's hardware random number generator uses a "thermal noise"
entropy source. I asked them but was told there are no further
public details. So unknown if it is more secure or less.
FWIW, it passes rngtest from debian rng-tools and does about
975Kibits/s.

> Does the rPI use its specific capabilities to enhance /dev/random?

On linux/pi the h/w RNG is available under /dev/hwrng.
/dev/random is their standard "cryptographic pseudo RNG".  It
seems to be extremely slow (80 bits/second) or broken or has
the wrong default settings.

FreeBSD/pi /dev/random is much much faster @ 33Mibis/sec. AFAIK
it doesn't use the h/w RNG.


More information about the cryptography mailing list