[onerng talk] Fwd: [Cryptography] A review per day of TRNGs: OneRNG

[Paul Campbell]

On Wed, 22 Oct 2014 17:25:53 ianG wrote:
> They also disabled programming over USB, so nasty malware cannot subvert
> the device.  This is a limitation of Rob Seward's design that he wisely
> states in his documentation.  However, it is possible to intercept a
> OneRNG in the mail, and reprogram it in nasty ways.  Users who are
> particularly concerned about this possibility are encouraged to re-flash
> the device themselves.

I'm in the process of releasing  boot time firmware verification - essentially 
there is a mode which allows one to dump the firmware contents, the firmware 
image in the ROM is GPG signed and the boot time code checks this, if it fails 
it gets logged and the entropy feeder is disabled. 

To make sure that someone can't just embed a good image in a larger evil one 
and serve that up when asked I'm only signing entire ROM images and filling the 
empty space with random data to make it uncompressible  - this makes 
programming take far longer, I spent much of the past month on the programming 
system, it's still slow but much faster than before.

Those of you who have OneRNGs at the moment have unsigned firmware images, 
there will be a way to disable verification so you can continue to use them.

	Paul