[onerng talk] design decision questions

Gerd v. Egidy lists at egidy.de
Mon Dec 29 16:44:42 GMT 2014


On Monday 29 December 2014 22:44:35 Paul Campbell wrote:
> (sorry to take so long to reply, I'm travelling, slowly moving my timezone
> ....)

no problem, you still beat most commercial vendors by far.
 
> I actually built my first prototype with 3 noise sources, and discarded the
> ones that didn't seem to be stable (for example the thermal noise RNG I
> built seemed particularly susceptible to external noise which is bad).

Do you still have the schematics of the discarded noise sources and data on 
their behavior? I think that is interesting from a point of learning and not 
making the same mistakes again.

> we sign the image in the device, the internal CPU doesn't have the oomph to
> do crypto in software, but does have an AES unit so it could .... but if we
> can't trust RNGs we can't trust our own AES that we can't realistically
> validate ... that doesn't mean that someone else can't use the AES to
> encrypt the USB connection - that's what the programmer is for :-)

Let's say you connect the hwrng to a server in a colocation center. Then you 
know you put a trusted hwrng there. But after a reboot of your server you 
don't know what kind of device is connected now. Or they could tap into the 
live USB connection.

For that scenario it would make sense to have encryption and MAC on the USB 
line. If someone wants to break your rng now, he has to dissect your potted 
hwrng and somehow get at its private keys. Only then can he create a falsified 
clone. Very hard to do in the short downtime available till you get 
suspicious.

Kind regards,

Gerd
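
The MAC half of the proposal above, sketched from the host's point of view. This is an added example, not part of the original message and not OneRNG firmware or its protocol. It assumes a symmetric key provisioned in the device, HMAC-SHA256 standing in for whatever MAC the device's AES unit would compute, and hypothetical `Device`/`Host` classes; encryption of the payload is left out.

```python
import hashlib
import hmac
import os
import struct

TAG_LEN = 32  # HMAC-SHA256 output size

def _tag(key, label, data):
    # The label separates handshake MACs from data MACs so one cannot pass as the other.
    return hmac.new(key, label + data, hashlib.sha256).digest()

class Device:
    """Stand-in for the RNG: holds the key and MACs every frame it emits."""
    def __init__(self, key):
        self.key, self.session, self.seq = key, b"", 0

    def hello(self, host_nonce):
        # Bind the session to the host's fresh nonce: traffic recorded before a reboot is useless.
        self.session = host_nonce + os.urandom(16)
        self.seq = 0
        return self.session[16:], _tag(self.key, b"hello", self.session)

    def frame(self, payload):
        hdr = struct.pack(">Q", self.seq)  # per-frame counter, covered by the MAC
        self.seq += 1
        return hdr + payload + _tag(self.key, b"data", self.session + hdr + payload)

class Host:
    """Create one Host per (re)connect so every session gets a new nonce."""
    def __init__(self, key):
        self.key, self.nonce = key, os.urandom(16)
        self.session, self.next_seq = None, 0

    def accept_device(self, dev_nonce, proof):
        session = self.nonce + dev_nonce
        ok = hmac.compare_digest(proof, _tag(self.key, b"hello", session))
        self.session, self.next_seq = (session if ok else None), 0
        return ok

    def read(self, frame):
        """Return the payload, or None if unauthenticated, modified, replayed or reordered."""
        if self.session is None or len(frame) < 8 + TAG_LEN:
            return None
        hdr, payload, tag = frame[:8], frame[8:-TAG_LEN], frame[-TAG_LEN:]
        good = hmac.compare_digest(tag, _tag(self.key, b"data", self.session + hdr + payload))
        if not good or struct.unpack(">Q", hdr)[0] != self.next_seq:
            return None
        self.next_seq += 1
        return payload
```

A host that gets `None` from `read()` should stop feeding that device's output to its entropy pool and raise an alert rather than silently retry.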


