Bill Frantz <fra...@pwpconsult.com> wrote: > Short of building special random number generation hardware, does > anyone have any suggestions for additional sources?
Any unused input device with noise can be used. Examples: Soundcard: http://www.av8n.com/turbid/ Camera: http://www.lavarnd.org/ If anything in the system changes a lot, like processes starting and stopping or files opening & closing, periodically hashing the tables that describe that state is useful. Is your threat model one-sided? e.g. for a home router, attacks from the Internet side might be more of a worry than attacks from the LAN. In that case, things like packet timing on the LAN side are unknown to the feared attacker. Also, if you are doing NAT, the port numbers on the LAN side since those are not sent outside. If the device does any crypto, mixing ciphertext into the pool is nowhere near ideal since you would not be encrypting unless some enemy might get the text and using things an an enemy can get is exactly what you do not want here. However, it is cheap and random-looking, and the volume is proportional to the amount of crypto done, so it might help in some cases. -- Sandy Harris, Quanzhou, Fujian, China --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com