| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Oct 2008 21:47:29 -0400 From: Glenn Powers <glenn@...ning.com> To: linux-kernel@...r.kernel.org Subject: Perfectly Random This is a proposal for a linux kernel module. This module will transfer entropy to /dev/random from nuclear decay random number generators. Addition information on this method of entropy generation can be found at: http://www.fourmilab.ch/hotbits/ The lack of sufficient entropy is the Achilles Heel of cryptography and anyone who considers arithmetical methods of random sequence generation is, of course, in a state of sin. (D. Knuth, The Art of Computer Programming: Volume 2, Seminumerical Algorithms, 2nd edition, Addison-Wesley, 1981.) While I am quite familiar with sin, I often strive for something better. Although any reasonable time base can be used for entropy generation, the best "something better" I've found is a not-so-hot three way between rubidium, cesium and quartz. The ultra-high quality quartz oscillator, rubidium gas and associated control electronics, called "L-PRO" or LPRO atomic frequency standard (manufactured by Efratom, Datum and now Symmetricom) can be purchased on eBay for US$100-US$200. The cesium is for long-baseline intervals, such that including a Pioneer-like star charts on your storage media would probably be a good idea. Combined, this is my definition of "non-random." This precise time interval can be transferred to the linux kernel by constructing a TTL interface as described in the LPRO manual, connecting it to an available interrupt and changing the timer interrupt in the kernel. Rinse. Repeat. Among the interesting properties of nuclear radiation is that it is both truly random and truly linear, depending how you look at it. Averaged over time, the nuclear decay rate is perfectly linear. This property has been used for decades for carbon-dating. However, the exact instant of a nuclear event is dependent on the entire universe. This is makes it possible to extract entropy from four such events. It's a horse race between the time interval between the first and second events and the time interval between the third and four events. This method effectively decouples the decay rate from the entropy stream. These nuclear events can be sensed with an opto-isolated Gieger/Mullen and are combined with the 10 MHz TTL LPRO signal using a NAND gate, which is then connected to an available system interrupt. THE KERNEL MODULE WILL: Copy the current CPU clock tick of these interrupts to a ring buffer. THEN: A Linux-RTAI application will compute the entropy and transfer it to /dev/random, a database or a network interface. THEN: The system can be tuned. THEN: The best tunings can be incorporated into the "RandomNuclear" module. cheers, glenn -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists