Using NTP to distribute entropy around a network?

Jim Cheetham jim at gonzul.net
Sun Feb 16 22:27:56 GMT 2014


I'm reminded of an LCA2014 conversation I was having, about the
difficulty of distributing entropy around a network of machines,
especially virtual ones that won't have access to an HWRNG directly.

One thought was to use NTP; there are extensions in the protocol that
could be used to keep on shipping some data around.

I haven't looked into this much, my initial concern is that you'd
have to encrypt the contents (because you don't want people knowing
your potential PRNG seeds), and I'm not sure NTP is up for that.

Also noticed recently another NZ hardware hacker is producing an
affordable NTP unit ... At that price I'd happily get one for home,
just for geekery.

From NZNOG:
"""
David Zanetti has an NTP server he designed that will be in the $100
range when produced in small quantities.

Last notes online are here:
http://hairy.geek.nz/projects/hardware-ntp-server/ntp-server-project-history/
but I know he did some major work on it last year including placement
in an outdoor enclosure with PoE - so ideal for small network
operators.
"""
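
An added example, not part of the original post: one way the idea above could look, with a 32-byte seed carried in an NTP-style extension field (16-bit type, 16-bit total length, value) and protected by encrypt-then-MAC. Assumptions: the field type 0xF001 is a constructed value, the two keys are pre-shared, and HMAC-SHA256 from the Python standard library stands in for a proper AEAD cipher.

```python
import hashlib, hmac, os, struct

FIELD_TYPE = 0xF001   # constructed value, not an IANA-assigned extension type
SEED_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32
FIELD_LEN = 4 + NONCE_LEN + SEED_LEN + TAG_LEN   # 84 bytes, already 32-bit aligned

def _keystream(enc_key, nonce, n):
    # HMAC-SHA256 in counter mode, used as a PRF to produce n keystream bytes.
    blocks = (hmac.new(enc_key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal_seed(enc_key, mac_key, seed):
    """Sender: wrap a 32-byte seed as one extension field."""
    if len(seed) != SEED_LEN:
        raise ValueError("seed must be 32 bytes")
    nonce = os.urandom(NONCE_LEN)   # fresh per field, so equal seeds encrypt differently
    ct = bytes(a ^ b for a, b in zip(seed, _keystream(enc_key, nonce, SEED_LEN)))
    body = struct.pack(">HH", FIELD_TYPE, FIELD_LEN) + nonce + ct
    # The tag covers the header too, so type and length cannot be altered in transit.
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_seed(enc_key, mac_key, field):
    """Receiver: verify the tag before decrypting; return None on any failure."""
    if len(field) != FIELD_LEN:
        return None
    ftype, flen = struct.unpack(">HH", field[:4])
    if ftype != FIELD_TYPE or flen != FIELD_LEN:
        return None
    body, tag = field[:-TAG_LEN], field[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    nonce, ct = body[4:4 + NONCE_LEN], body[4 + NONCE_LEN:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, SEED_LEN)))

def mix_into_local(seed):
    """Hash the received seed together with local randomness rather than using it alone."""
    return hashlib.sha256(os.urandom(32) + seed).digest()
```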

