On Fri, Oct 18, 2013 at 01:17:13AM -0700, coderman wrote:
> On Fri, Oct 18, 2013 at 12:54 AM, Eugen Leitl <eugen@leitl.org> wrote:
> > ... We do not want a dinky little entropy drip. We want a regular firehose.
>
> entropy firehose: 4 x 1.0GHz Padlock engines with 2 physical noise sources per core (8 total) http://store.viatech.com/protected/product/frontProductDetail.action?id=9680

I have a couple older VIA C3 with hardware RNG, bought long ago for just that purpose. What kind of motherboard is in there, do you know?

> depending on MSR configuration, number of sources contributing, type of rngdaemon processing, you can achieve 8 to 400Mbps of high quality, high assurance, high density entropy.

It is unauditable, just like any integrated RNG source. Which is not that big of a problem, if you mix in enough external entropy from a trusted source. The trusted source needs to be sufficiently simple to be validated by inspection.

You can source RTL-SDRs from many sources. All you need is to match impedance and output power from your analog white noise circuit to goldilocks level. In case anyone is interested, http://www.reddit.com/r/amateurradio/comments/1mro3q/wideband_white_noise_ge...

> plenty of random for your off-line key generation needs, local network entropy distribution, virtio supply for guest VMs, unlimited source for full disk encryption initialization, high volume session establishment and network services, and any number of other concurrent uses.
>
> i have yet to max out a source this prolific in any reasonable (non-benchmark) scenario.
>
> this is just my favorite. there are lots of options if you look around far enough, and expend enough effort to interface with.
>
> and of course you can always build your own. there are plenty of interesting options discussed in various Cryptographic Hardware and Embedded Systems proceedings and other published texts...

But there is still no simple kit you could directly plug into your coax socket. That is a threshold of entry too high for people who can't tell which part of the soldering iron is the hot one.
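
The mixing idea discussed in this thread (an unauditable integrated RNG combined with external noise from a source simple enough to inspect), sketched as an added example that is not part of the original messages or of any rngd implementation. The names `Mixer`, `mix_round` and `repetition_count_ok`, the cutoff of 8, and the sample bytes are assumptions made for illustration; the health test only catches a stuck or dead source and is not an entropy estimate.

```python
import hashlib

def repetition_count_ok(samples: bytes, cutoff: int = 8) -> bool:
    """Simplified repetition-count health test: reject a stuck or dead
    source, i.e. any byte value repeated `cutoff` or more times in a row."""
    run = 1
    for prev, cur in zip(samples, samples[1:]):
        run = run + 1 if cur == prev else 1
        if run >= cutoff:
            return False
    return True

class Mixer:
    """Hash-based pool whose output depends on every input absorbed so far."""

    def __init__(self) -> None:
        self._state = bytes(64)
        self._counter = 0

    def absorb(self, label: bytes, data: bytes) -> None:
        # Length-prefix each field so distinct (label, data) pairs never
        # hash to the same byte stream.
        h = hashlib.sha512(self._state)
        for part in (label, data):
            h.update(len(part).to_bytes(4, "big") + part)
        self._state = h.digest()

    def extract(self) -> bytes:
        # Output and next state use different tags, so a released block
        # does not reveal the pool state.
        self._counter += 1
        ctr = self._counter.to_bytes(8, "big")
        out = hashlib.sha512(b"out" + ctr + self._state).digest()
        self._state = hashlib.sha512(b"next" + ctr + self._state).digest()
        return out

def mix_round(mixer: Mixer, integrated: bytes, external: bytes) -> bytes:
    """Absorb one block from each source and return 64 mixed bytes."""
    if not repetition_count_ok(external):
        raise ValueError("external noise source failed health test")
    mixer.absorb(b"integrated", integrated)
    mixer.absorb(b"external", external)
    return mixer.extract()

if __name__ == "__main__":
    # Constructed samples: a worst-case constant integrated source and a
    # counter pattern standing in for digitized white noise.
    print(mix_round(Mixer(), bytes(32), bytes(range(64))).hex())
```

With the integrated input held constant, the output still changes whenever the external block changes, which is the property the mixing argument relies on.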