[onerng talk] design decision questions
Gerd v. Egidy
lists at egidy.de
Mon Dec 29 16:44:42 GMT 2014
On Monday 29 December 2014 22:44:35 Paul Campbell wrote:
> (sorry to take so long to reply, I'm travelling, slowly moving my timezone
> ....)
no problem, you still beat most commercial vendors by far.
> I actually build my first prototype with 3 noise sources, and discarded the
> ones that didn't seem to be stable (for example the thermal noise RNG I
> built seemed particularly susceptible to external noise which is bad).
Do you still have the schematics of the discarded noise sources and data on
their behavior? I think that is interesting from a point of learning and not
making the same mistakes again.
> we sign the image in the device, the internal CPU doesn't have the oomph to
> do crypto in software, but does have an AES unit so it could .... but if we
> can't trust RNGs we can't trust our own AES that we can't realistically
> validate ... that doesn't mean that someone else can't use the AES to
> encrypt the USB connection - that's what the programmer is for :-)
Let's say you connect the hwrng to a server in a colocation center. Then you
know you put a trusted hwrng there. But after a reboot of your server you
don't know what kind of device is connected now. Or they could tap into the
live usb connection.
For that scenario it would make sense to have encryption and mac on the usb
line. If someone wants to break your rng now, he has to dissect your potted
hwrng and somehow get at its private keys. Only then he can create a falsified
clone. Very hard to do in the short downtime available till you get
suspicious.
Kind regards,
Gerd
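
The host-side check suggested in the message above, as an added example that is not part of the original post or of the OneRNG firmware: the host accepts only frames carrying a valid MAC bound to a per-connection nonce and a sequence counter. The frame layout, the names, the shared symmetric key and the use of HMAC-SHA256 (a stand-in for whatever MAC the device hardware could compute) are all assumptions; encryption of the payload is left out.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes

def device_frame(key, nonce, seq, payload):
    """Device side (hypothetical): seq || payload || HMAC(key, nonce || seq || payload)."""
    header = struct.pack(">Q", seq)
    tag = hmac.new(key, nonce + header + payload, hashlib.sha256).digest()
    return header + payload + tag

class HostVerifier:
    def __init__(self, key):
        self.key = key
        self.nonce = os.urandom(16)  # fresh challenge sent to the device on every (re)connect
        self.next_seq = 0

    def accept(self, frame):
        """Return the payload if the frame is authentic and in order, else None."""
        if len(frame) < 8 + TAG_LEN:
            return None
        header, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, self.nonce + header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # wrong key, modified bytes, or frame from another session
        if struct.unpack(">Q", header)[0] != self.next_seq:
            return None  # replayed or reordered frame
        self.next_seq += 1
        return payload

def demo():
    key = bytes(range(32))  # constructed sample key, provisioned before deployment
    host = HostVerifier(key)
    good = device_frame(key, host.nonce, 0, b"\x11" * 16)  # constructed payload
    seen = {"genuine": host.accept(good) is not None,
            "replay": host.accept(good) is not None}
    clone = device_frame(b"\x00" * 32, host.nonce, 1, b"\x22" * 16)  # device without the key
    seen["clone"] = host.accept(clone) is not None
    tampered = bytearray(device_frame(key, host.nonce, 1, b"\x33" * 16))
    tampered[8] ^= 0x01  # flip one payload bit on the wire
    seen["tampered"] = host.accept(bytes(tampered)) is not None
    rebooted = HostVerifier(key)  # after a reboot the host issues a new nonce
    seen["old_session"] = rebooted.accept(good) is not None
    return seen

if __name__ == "__main__":
    print(demo())
```
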