On Fri, Oct 18, 2013 at 1:37 AM, Eugen Leitl <eugen@leitl.org> wrote:
... I have a couple older VIA C3 with hardware RNG, bought long ago for just that purpose.
the same XSTORE enabled kernel (/dev/hw_random|/dev/hwrandom), rngd (rng-tools pkg) will work on the models linked.
What kind of motherboard is in there, do you know?
E-series P910 Pico-ITX:
http://www.viaembedded.com/en/products/boards/1950/1/EPIA-P910.html
http://www.viaembedded.com/en/products/boards/1830/1/VIA_QuadCore_E-Series.h...
It is unauditable, just as any integrated RNG sources.
the XSTORE instruction can be put in truly raw sample mode, at elevated sample rate. do much more thorough userspace entropy daemon processing on the raw sources, mix to obscure state and compress for desired entropy density adjustments (some consumers are picky) among other entropy pool and CSPRNG hygiene, and you've solved your entropy contention problems! determining the proper state of a hardware raw source like this is a longer discussion, and sadly very implementation/architecture specific.
In case anyone is interested, http://www.reddit.com/r/amateurradio/comments/1mro3q/wideband_white_noise_ge...
yes, they work great. but they're not readily available, and as an entropy source they're still low bit rate. you've got at best ~8 MHz of sample with a low entropy density; effective consumer entropy production from this setup will be a fraction of this rate. the RTL2832U and Elonics E4000 are both limited this way...
But there is still no simple kit you could directly plug into your coax socket. That is a threshold of entry too high for people who can't tell which part of the soldering iron is the hot one.
no argument here. some people like the ARM TrustZone entropy sources, which are very accessible in recent gear spanning consumer space... i still don't like any TrustZone for entropy though. YMMV

ah well, they keep getting smaller / faster / better ... just be patient?
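
The "compress for desired entropy density" step mentioned in the message above, as an added example that is not part of the original thread and is not code from rng-tools. It does not read XSTORE or /dev/hw_random; the raw samples are a constructed low-density stand-in, and all function names, the run-length cutoff and the 2x safety factor are assumptions made for illustration.

```python
import hashlib
import math
import random
from collections import Counter

def min_entropy_per_byte(raw: bytes) -> float:
    """Most-common-value estimate, bits per sample: -log2(p_max).
    Ignores correlation between samples, so treat it as optimistic."""
    p_max = max(Counter(raw).values()) / len(raw)
    return -math.log2(p_max)

def repetition_ok(raw: bytes, cutoff: int = 32) -> bool:
    """Health check: reject a source that emits `cutoff` equal samples in a row."""
    run = 1
    for prev, cur in zip(raw, raw[1:]):
        run = run + 1 if prev == cur else 1
        if run >= cutoff:
            return False
    return True

def condition(raw: bytes, safety: float = 2.0):
    """Compress raw samples with SHA-256 so each 32-byte output block is fed
    at least safety * 256 bits of estimated min-entropy.
    Returns (conditioned_bytes, raw_samples_per_block)."""
    if not raw or not repetition_ok(raw):
        raise ValueError("raw source failed health check (stuck or empty)")
    h = min_entropy_per_byte(raw)
    if h <= 0.0:
        raise ValueError("no measurable entropy in raw samples")
    per_block = math.ceil(safety * 256 / h)
    # Only whole blocks are hashed; a short tail is dropped, not padded.
    blocks = [hashlib.sha256(raw[i:i + per_block]).digest()
              for i in range(0, len(raw) - per_block + 1, per_block)]
    return b"".join(blocks), per_block

def constructed_raw(n: int = 4096) -> bytes:
    """Constructed stand-in for a low-density raw source: only the two low
    bits of each byte vary. Seeded PRNG, for demonstration only."""
    rng = random.Random(1)
    return bytes(rng.getrandbits(2) for _ in range(n))

if __name__ == "__main__":
    raw = constructed_raw()
    out, per_block = condition(raw)
    print(f"estimated {min_entropy_per_byte(raw):.2f} bits/byte; "
          f"{per_block} raw bytes -> 32 conditioned bytes; {len(out)} bytes out")
```

With roughly 2 bits of estimated entropy per raw byte, 4096 raw bytes yield only a few hundred conditioned bytes, which is the "fraction of this rate" effect in concrete terms.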