On Fri, Oct 18, 2013 at 01:17:13AM -0700, coderman wrote:
> On Fri, Oct 18, 2013 at 12:54 AM, Eugen Leitl <[email protected]> wrote:
> > ...
> > We do not want a dinky little entropy drip. We want a
> > regular firehose.
>
>
> entropy firehose: 4 x 1.0GHz Padlock engines with 2 physical noise
> sources per core (8 total)
> http://store.viatech.com/protected/product/frontProductDetail.action?id=9680

I have a couple of older VIA C3s with hardware RNG, bought long ago
for just that purpose. What kind of motherboard is in there, do
you know?

> depending on MSR configuration, number of sources contributing, type
> of rngdaemon processing, you can achieve 8 to 400Mbps of high quality,
> high assurance, high density entropy.

It is unauditable, just like any integrated RNG source. Which is
not that big of a problem, if you mix in enough external entropy
from a trusted source. The trusted source needs to be sufficiently
simple to be validated by inspection.

You can source RTL-SDRs from many sources. All you need is to
match impedance and output power from your analog white noise
circuit to goldilocks level.

In case anyone is interested,
http://www.reddit.com/r/amateurradio/comments/1mro3q/wideband_white_noise_generator_circuit/

> plenty of random for your off-line key generation needs, local network
> entropy distribution, virtio supply for guest VMs, unlimited source
> for full disk encryption initialization, high volume session
> establishment and network services, and any number of other concurrent
> uses.
>
> i have yet to max out a source this prolific in any reasonable
> (non-benchmark) scenario.
>
>
> this is just my favorite. there are lots of options if you look around
> far enough, and expend enough effort to interface with.
>
>
> and of course you can always build your own. there are plenty of
> interesting options discussed in various Cryptographic Hardware and
> Embedded Systems proceedings and other published texts...

But there is still no simple kit you could directly plug into
your coax socket. That is a threshold of entry too high for
people who can't tell which part of the soldering iron is
the hot one.
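The mixing step described in this message, as an added example that is not part of the original thread: on-chip RNG output is hashed together with samples from an external noise source, and a seed is released only when the external samples alone are credited with enough min-entropy. The function names, the most-common-value estimate and the 256-bit threshold are assumptions of this sketch, and the two sources are assumed to be independent.

```python
import hashlib
import math
from collections import Counter


def min_entropy_per_byte(samples: bytes) -> float:
    """Most-common-value estimate, log2(1/p_max), in bits per byte.

    Crude: it treats samples as independent, so correlated noise is
    over-credited. A stuck or heavily biased source scores near zero.
    """
    if not samples:
        return 0.0
    p_max = max(Counter(samples).values()) / len(samples)
    return math.log2(1 / p_max)


def mix(onchip: bytes, external: bytes, want_bits: int = 256) -> bytes:
    """Hash an unauditable on-chip RNG output together with external noise.

    The on-chip bytes get zero entropy credit: the seed is released only if
    the external samples alone are estimated to carry want_bits.
    Assumption: the two sources are independent of each other.
    """
    credited = min_entropy_per_byte(external) * len(external)
    if credited < want_bits:
        raise ValueError(f"external source credited {credited:.0f} bits, need {want_bits}")
    h = hashlib.sha256()
    for part in (onchip, external):
        # Length prefix keeps (b"a", b"bc") and (b"ab", b"c") distinct.
        h.update(len(part).to_bytes(8, "big"))
        h.update(part)
    return h.digest()


if __name__ == "__main__":
    # Constructed inputs: a worst-case on-chip RNG (all zeros) and a stand-in
    # for digitised white-noise samples (every byte value once).
    noise = bytes(range(256))
    print(mix(b"\x00" * 32, noise).hex())
    try:
        mix(b"\x00" * 32, b"\x7f" * 4096)  # external ADC stuck at mid-scale
    except ValueError as err:
        print("refused:", err)
```
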
