Curious RNG stalemate [was: use of cpunks]
coderman
coderman at gmail.com
Fri Oct 18 01:59:44 PDT 2013
On Fri, Oct 18, 2013 at 1:37 AM, Eugen Leitl <eugen at leitl.org> wrote:
> ...
> I have a couple older VIA C3 with hardware RNG, bought long ago for just that purpose.
the same XSTORE enabled kernel (/dev/hw_random|/dev/hwrandom), rngd
(rng-tools pkg) will work on the models linked.
> What kind of motherboard is in there, do you know?
E-series P910 Pico-ITX:
http://www.viaembedded.com/en/products/boards/1950/1/EPIA-P910.html
http://www.viaembedded.com/en/products/boards/1830/1/VIA_QuadCore_E-Series.html
> It is unauditable, just as any integrated RNG sources.
the XSTORE instruction can be put in truly raw sample mode, at
elevated sample rate.
do much more thorough userspace entropy daemon processing on the raw sources,
mix to obscure state and compress for desired entropy density
adjustments (some consumers are picky)
among other entropy pool and CSPRNG hygiene,
and you've solved your entropy contention problems!
determining the proper state of a hardware raw source like this is a
longer discussion, and sadly very implementation/architecture
specific.
> In case anyone is interested,
> http://www.reddit.com/r/amateurradio/comments/1mro3q/wideband_white_noise_generator_circuit/
yes, they work great. but they're not readily available, and as an
entropy source they're still low bit rate. you've got at best ~8Mhz of
sample with a low entropy density; effective consumer entropy
production from this setup will be a fraction of this rate. the
RTL2832U and Elonics E4000 are both limited this way...
> But there is still no simple kit you could directly plug into your
> coax socket. That is a threshold of entry too high for people
> who can't tell which part of the soldering iron is the hot one.
no argument here. some people like the ARM TrustZone entropy sources,
which are very accessible in recent gear spanning consumer space... i
still don't like any TrustZone for entropy though. YMMV
ah well, they keep getting smaller / faster / better
... just be patient?
More information about the cypherpunks
mailing list