On Sun, 08 Jun 2014 08:35:21 +1000 Andrew McGlashan <andrew.mcglas...@affinityvision.com.au> wrote:
> It seems that a /true/ hardware RNG that isn't pseudo is required,
> anything less is subject to some kind of attack.

This would be the best (bestofzebest is the measure of the decay of a radioactive element… which will be feasible in one or two months, when Fukushima streams will reach the US west coast ;)

There are also some devices (USB or PCI), but they almost all have the same problem: they're manufactured in the USA or in the UK (so, credibility, from 0 to 10, is ~ -100) :(

> I am sure that Intel tried to get the Linux /dev/random to rely
> solely on its CPU solution (RNG), but that was considered a risk
> and therefore such input is only used as ONE component. Using
> many components, including the Intel one, is a method of getting
> better random numbers.

Yeah, that's in all serious papers.

> Given the 2013 paper, I would have to say that it is very likely
> that this would have been followed up upon, but I can't find a
> reference. Perhaps you can start a new thread for this concern and
> see what comes back.

ZE problem is: in 2013, there were major changes in the random section of the kernel (for both urandom and random), so the question is: when was this paper issued? I'd say before these changes (it doesn't mention them), thus at least /dev/random might be cleared of these flaws, which makes it quite a good candidate for crypto (on the condition that random sources often run on the machine, i.e. web radio & DVB dongle).

--
Amélie : Hey have you got Home Sweet Alabama?
L i s a . : Invert the first two words and I surely could find that
Amélie : have hey you got Home Sweet Alabama?

Archive: https://lists.debian.org/20140608005329.22c8ac27@anubis.defcon1
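The "use many components, trust none alone" design discussed in the thread, as an added illustration that is not part of the original mail and is not the Linux kernel's own mixing code: a hash combiner over several entropy sources, with one source modelled as fully predictable (constructed stand-in for a distrusted hardware RNG) and a length prefix so that one source cannot shift the boundaries of the others' contributions.

```python
import hashlib
import os
from typing import Callable, List

# Constructed, simplified illustration of mixing several entropy sources.
# This is NOT the kernel's actual /dev/random mixer; it only shows the
# property the thread relies on: the output stays unpredictable as long
# as at least one input source is.

def combine_sources(samples: List[bytes]) -> bytes:
    """Hash-combine entropy samples into 32 output bytes.

    Each sample is length-prefixed before hashing, so an attacker who
    controls one source cannot re-partition the bytes of the others.
    """
    h = hashlib.sha256()
    for s in samples:
        h.update(len(s).to_bytes(4, "big"))  # domain separation
        h.update(s)
    return h.digest()

def predictable_source(n: int) -> bytes:
    # Models a source the adversary fully knows (constructed stand-in
    # for a distrusted hardware RNG); it always returns zeros.
    return b"\x00" * n

def os_source(n: int) -> bytes:
    # Models an independent, trusted source (here the OS CSPRNG).
    return os.urandom(n)

def draw(sources: List[Callable[[int], bytes]], n: int = 32) -> bytes:
    """Pull n bytes from every source and combine them."""
    return combine_sources([src(n) for src in sources])

def predictable_alone_repeats() -> bool:
    # Relying solely on the known source gives the same output each time.
    return draw([predictable_source]) == draw([predictable_source])

def mixed_output_varies() -> bool:
    # Adding one good source makes successive outputs differ even though
    # the predictable source still contributes.
    return draw([predictable_source, os_source]) != draw([predictable_source, os_source])
```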