[Cryptography] The Crypto Pi
Paul Elliott
pelliott at blackpatchpanel.com
Wed Jan 14 20:31:41 EST 2015
On Mon, Jan 12, 2015 at 11:12:16PM +0100, Ralf Senderek wrote:
> On Mon, 12 Jan 2015 Paul Elliott wrote:
>
> >I already use The PI to serve random numbers to my LAN. I have several
> >computers with no onboard hardware RNG.
>
> Do you know how trustworthy the onboard RNG on the Raspberry Pi is? Are
> there any references that convinced you to put some faith into its
> performance?
>
>
> >It uses socat with privately distributed keys, (no certificates) to
> >encrypt that data as it flows.
>
> That's a cute idea, so to any client software the Pi's random number stream
> looks like a device file. But How do you encrypt?
> The Crypto Pi uses /usr/bin/gpg for encryption, do you use something
> different, as the client must decrypt the stream before simulating
> /dev/random to the application layer.
>
> >/dev/random works a lot faster with this software running.
>
> So your solution replaces /dev/random on the client with the data
> it receives from the Pi?
No, it dumps the entropy into /dev/random using rng-tools rngd.
--
Paul Elliott 1(512)837-1096
pelliott at BlackPatchPanel.com PMB 181, 11900 Metric Blvd Suite J
http://www.free.blackpatchpanel.com/pme/ Austin TX 78758-3117
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150114/bf406008/attachment.sig>
More information about the cryptography
mailing list