[Cryptography] OpenSSL CSPRNG work
Bill Frantz
frantz at pwpconsult.com
Fri Jul 7 18:38:33 EDT 2017
On 7/6/17 at 4:38 PM, tytso at mit.edu (Theodore Ts'o) wrote:
>And trusting consumer electronics manufacturers to be able to
>correctly and securely generate random seeds for all of their devices
>when they can't even manage to assign unique ethernet MAC address is a
>very challenging problem!
Actually I think generating random seeds is easier. Include a
hardware random number generator -- e.g. a diode, and you have a solution.
The reason this is easier is that every widget that comes off
the assembly line is the same. The problem with MAC addresses is
that every widget is different.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz |Security, like correctness, is| Periwinkle
(408)356-8506 |not an add-on feature. - Attr-| 16345
Englewood Ave
www.pwpconsult.com |ibuted to Andrew Tanenbaum | Los Gatos,
CA 95032
More information about the cryptography
mailing list