<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><br>
</p>
<div class="moz-cite-prefix">On 11/09/2019 18:45, Ken McCall via
cryptography wrote:<br>
</div>
<blockquote type="cite"
cite="mid:_9d7ZaYL_pNzLZPYJ3j19hCofqv13O6-J4DUZY7C_EnvgAiCRFsA3GiEVNsqgYqe7Y4UW0cBAju0EDkgn1iy8L_C5q3_-uqCKydFdfHn-HQ=@protonmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div>I watch discussions on this list to learn more about
cryptography and I find it very valuable. However, I am not a
cryptographer myself. There was a recent thread on TRNGs and I'd
like to expound it into a slightly different tangent, if I may. <br>
</div>
<div><br>
</div>
<div>It seems to me (at least in the cryptocurrency world) that
there is a growing desire that hardware become more transparent
(as in open source) just as software has been. I believe an open
source chip could radically disrupt the existing TRNG chip
market, forcing transparency. I’m also assuming this theoretical
chip would be certified by one or more of the myriad
certification authorities that all these manufacturers use as
proof of their design integrity. Obviously there is a case to be
made that a TRNG burned into a chip (and open source hardware
design) results in a fixed attack surface. However, at least
that attack surface, should it be breached, would be a known
entity versus the proprietary chips on the market. <br>
</div>
</blockquote>
<p><br>
</p>
<p>The concept of RNs (random numbers) is pretty vexing, and it
doesn't seem to bend to the normal security thinking. Even though
an open source chip might be better, it still presents a supply
chain attack and when it comes to actual production, chip
manufacture is anything but transparent.</p>
<p>Because of issues like this, thinking in RN generation ("true" or
pseudorandom or otherwise) has changed somewhat. In short, RNs
should be primarily directed in software, and the sources or seeds
for this should be diversified out to different producers. If
there is a good hardware source, use it. If there are several,
use them all. Then the software task reduces to combining/mixing
many hopefully independent sources.</p>
<p>Once that is accepted, the task is now different. In the
hardware sense, we don't care about a perfect TRNG any more, we
now care about many okRNGs, with the emphasis on independent not
truethity.</p>
<p>Which leads to the notion that actually, a simple hardware
design, or many designs, could be a good thing. There is no
particular reason why hardware manufacturers couldn't add in a
small RNG into the left over 0.1% of chip area.</p>
<p>Then software could XOR them all.<br>
</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:_9d7ZaYL_pNzLZPYJ3j19hCofqv13O6-J4DUZY7C_EnvgAiCRFsA3GiEVNsqgYqe7Y4UW0cBAju0EDkgn1iy8L_C5q3_-uqCKydFdfHn-HQ=@protonmail.com">
<div>To my knowledge there are no open source TRNG chips
commercially available on the market. There are however,
discrete component plans available, but not widely adopted (<a style="box-sizing: inherit; background-color: rgb(255, 255, 255); font-family: monospace; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: pre-wrap; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;" href="http://www.bitbabbler.org/" rel="noreferrer nofollow noopener" target="_blank" moz-do-not-send="true">http://www.bitbabbler.org/</a>).
<br>
</div>
</blockquote>
<p><br>
</p>
<p>Right. So if we have multiple sources into a software mixer, then
all that babbling disappears and any good-enough source becomes
good enough.<br>
</p>
<p><br>
</p>
<blockquote type="cite"
cite="mid:_9d7ZaYL_pNzLZPYJ3j19hCofqv13O6-J4DUZY7C_EnvgAiCRFsA3GiEVNsqgYqe7Y4UW0cBAju0EDkgn1iy8L_C5q3_-uqCKydFdfHn-HQ=@protonmail.com">
<div><br>
</div>
<div>Also, there was one Crowdsupply failed attempt to create a
chip:<br>
</div>
<div>
<div><a
href="https://www.crowdsupply.com/onchip/open-v/updates/open-true-random-number-generator"
moz-do-not-send="true">https://www.crowdsupply.com/onchip/open-v/updates/open-true-random-number-generator</a><br>
</div>
<div><br>
</div>
<div>So, I wonder:<br>
</div>
<ul>
<li>Might open source TRNG hardware (as a semiconductor chip)
better support cryptography in general, or perhaps just for
crypto currencies? Or, am I completely wrong in this belief,
and the hardware designs are best left as proprietary?<br>
</li>
</ul>
</div>
</blockquote>
<p><br>
</p>
<p>Any source on a chip can support crypto as long as there is more
than one source, and they get mixed in software. The more the
merrier. The slappier the sloppier, we'll take them all.<br>
</p>
<p>iang</p>
<p>ps old rant: <a
href="https://iang.org/ssl/hard_truths_hard_random_numbers.html">https://iang.org/ssl/hard_truths_hard_random_numbers.html</a></p>
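<p>A software mixer of the kind the reply describes, as an added example (not iang's code, nor anything from the list): it XORs equal-length blocks from several sources, shows that a stuck all-zero source does no harm while a source that merely copies another cancels it under XOR, and offers a hash-based combiner as the conditioning step OS RNGs use instead. The sources are constructed stand-ins (os.urandom, secrets, a constant) for the distinct hardware sources the post has in mind.</p>

```python
import hashlib
import os
import secrets

# Constructed stand-in sources: in the post's setting each would read a
# different physical RNG; here they only illustrate the plumbing.
def source_os(n):
    return os.urandom(n)

def source_secrets(n):
    return secrets.token_bytes(n)

def source_stuck(n):
    # A dead hardware RNG that always returns zeros.
    return bytes(n)

def xor_mix(blocks):
    """The post's 'XOR them all': bitwise XOR of equal-length blocks.
    If at least one block is uniform and independent of the others the
    result is uniform, and a stuck (constant) source contributes nothing
    but also does no harm. The failure mode is correlation: a source
    that mirrors another cancels it out."""
    out = bytes(len(blocks[0]))
    for b in blocks:
        if len(b) != len(out):
            raise ValueError("all blocks must have equal length")
        out = bytes(x ^ y for x, y in zip(out, b))
    return out

def hash_mix(blocks):
    """Length-prefix every block and hash them together: the conditioning
    step OS RNGs use. A correlated or duplicated source cannot cancel
    the others here, provided one input is unpredictable to the attacker."""
    h = hashlib.sha256()
    for b in blocks:
        h.update(len(b).to_bytes(4, "big"))
        h.update(b)
    return h.digest()

def mix_sources(sources, n=32, mixer=hash_mix):
    """Pull n bytes from every source and combine them with the given mixer."""
    return mixer([src(n) for src in sources])

if __name__ == "__main__":
    good = os.urandom(32)
    assert xor_mix([good, source_stuck(32)]) == good   # stuck source is harmless
    assert xor_mix([good, good]) == bytes(32)          # copied source wipes XOR out
    assert hash_mix([good, good]) != bytes(32)         # hash combiner survives it
    print(mix_sources([source_os, source_secrets, source_stuck]).hex())
```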
</body>
</html>