If you want slow, you can get a geiger counter from Sparkfun/etc. for ~$99, but you're not going to get anything intentionally radioactive shipped cheap from China.
Could you hack a smoke detector? They use (IIRC) Americium decay to ionise an air path to a detector. You might be able to use the voltage variation in that circuit with very little modification, without even opening the case perhaps (which is good, because Americium is supposedly somewhat toxic)? Of course, then you'd have to watch out that an attacker doesn't smoke in the same room as your entropy source... ;)

On Thu, 17 Oct 2013 13:45:10 -0700 Bill Stewart <bill.stewart@pobox.com> wrote:
At 09:56 AM 10/17/2013, grarpamp wrote:
I'd guess that with good sources, today's prng code is sufficiently strong and at least some unix systems do save state across reboot.
Now if someone would just sell a completely open discrete logic serial port hw entropy source for under $50... that would end a lot of the talk. Even with a more costly radiation source rather than other phenomena you'd still likely make good profit in quantity from China at that price.
First of all, lots of important hardware doesn't have ports on it, particularly virtual machines, which have a whole raft of issues even if you're running them on a server you physically control rather than somebody else's cloud service. The server has some ports, but you need to make sure your hypervisor and clients have drivers that will let the client access the hypervisor's /dev/random or equivalent. VMware will have to do their own; you might contribute to OpenStack.
Another important kind of hardware where that doesn't work is home routers, because the market price of $29-99 can't support much extra money for randomness hardware; if it's not in the ARM core or whatever other low-power cheap CPU, then it's only going to be able to extract entropy from timing and network traffic, and there's unlikely to be a high-precision clock chip. Maybe you can get the manufacturer to burn a pseudo-random number into the box along with the Ethernet MAC or something, but otherwise it's going to have to be software. (So maybe you can augment Tomato/WRT-11/etc to listen for traffic for a while before starting, and write an app for your PC that beacons some entropy for the router to listen to?)
As far as your entropy dongle goes, the only way to get it cheap is to make large volumes, which means you need a device that's intended for some other application, like a $20 TV tuner/audio frob or a webcam in a dark can getting CCD noise, or a webcam you wave at. If you want speed, you need USB, not serial, but that's fine, because almost nobody's including real serial ports these days. If you want slow, you can get a geiger counter from Sparkfun/etc. for ~$99, but you're not going to get anything intentionally radioactive shipped cheap from China.
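
The point in the thread about guests needing a driver path to the hypervisor's entropy can be checked from inside a Linux guest. The script below is an added example, not part of the original messages; it assumes a Linux kernel exposing the hw_random sysfs interface, and the ROOT override is a hypothetical convenience for pointing the check at a constructed directory tree.

```shell
#!/bin/sh
# Added example (not from the thread). ROOT is a hypothetical override that
# lets the check run against a constructed tree; leave it empty to inspect
# the live system.

# Print the name of the hardware RNG the kernel is currently using, or "none".
hwrng_current() {
    f="${1:-}/sys/class/misc/hw_random/rng_current"
    if [ -r "$f" ]; then
        cur=$(cat "$f")
        echo "${cur:-none}"
    else
        echo "none"
    fi
}

# Classify where this machine's kernel can get hardware entropy from.
#   virtio        - guest is fed by the hypervisor through virtio-rng
#   hardware      - some other hw_random driver is bound (TPM, SoC RNG, ...)
#   software-only - no hardware source; timing/interrupt entropy only
rng_source_class() {
    case "$(hwrng_current "${1:-}")" in
        none)        echo "software-only" ;;
        virtio_rng*) echo "virtio" ;;
        *)           echo "hardware" ;;
    esac
}

# Human-readable report, including the kernel's own entropy estimate.
rng_report() {
    root="${1:-}"
    avail="$root/sys/class/misc/hw_random/rng_available"
    est="$root/proc/sys/kernel/random/entropy_avail"
    echo "source class : $(rng_source_class "$root")"
    echo "hwrng current: $(hwrng_current "$root")"
    [ -r "$avail" ] && echo "hwrng avail  : $(cat "$avail")"
    [ -r "$est" ] && echo "entropy_avail: $(cat "$est")"
    return 0
}

rng_report "${ROOT:-}"
```

A result of `software-only` on a VM or router is the case the thread worries about: the kernel has only timing and traffic to draw on.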