lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 25 Dec 2010 14:57:04 -0800
From: coderman <coderman@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: how i stopped worrying and loved the backdoor

On Sat, Dec 25, 2010 at 2:12 PM,  <cpolish@...ewest.net> wrote:
> ...
> Check out Markus Jacobsson et al, "A Practical Secure Physical Random
> Bit Generator", 1998, using the turbulence of airflow inside the drive
> as the source of randomness. Can't do much better than that.

how much turbulence does my SLC FDE make?

the reason i prefer on die is that pre-boot operations and/or host
init can make use of these sources via built-in facilities without
need for additional drivers to external devices that may in turn
require bus initialization and interrupt allocation, and so on, etc.

likewise, if bootstrapping a secure network requires strong random
numbers a network based entropy distribution setup to hosts without
their own physical sources is not so useful for that task.

there are many other considerations weighting toward on-die
implementations, like clock and sample rates, but proper hardware
entropy engineering is a verbose tangent way too long for this already
meandering discussion... [0]

:)



0. if you're really curious, check out Cryptographic Hardware and
Embedded Systems proceedings, any hw design texts by authors of these
proceedings, and then you'll know what your known unknowns are and can
brazenly blaze forward into the esoteric or halt early satisfyingly
convincing yourself that you could give two shits about what it takes
to build proper kit.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ