[Cerowrt-devel] hwrngs
I am still quite irked by having to use /dev/urandom for important tasks like dnssec key generation, and in wireless WPA. And like others, distrust having only one source of random numbers in the mix. I just ordered some of these http://cryptotronix.com/2013/12/27/hashlet_random_tests/ Simultaneously while I was getting nsupdate dns working on cerowrt from the yurt to the dynamic ipv6 stuff, my main dns server died, and I decided I'd move dns to a beaglebone black, so running across this hwrng made me feel better about randomness on embedded systems. I bought the last 5 Joshua had, sorry about that! I'd like to find something that could run off the internal serial port on the wndr3800s... and worth incorporating in future designs. (multiple vendors) -- Dave Täht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html ___ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
Re: [Cerowrt-devel] hwrngs
Any idea what the price will be in quantity? The fact that it supports both BB black and RPi is great news for makers interested in authentication and security. On Saturday, February 1, 2014 11:11pm, "Dave Taht" said: > I am still quite irked by having to use /dev/urandom for important > tasks like dnssec key generation, and in wireless WPA. And like > others, distrust having only one source of random numbers in the mix. > > I just ordered some of these > > http://cryptotronix.com/2013/12/27/hashlet_random_tests/ > > Simultaneously while I was getting nsupdate dns working on cerowrt > from the yurt to the dynamic ipv6 stuff, my main dns server died, and > I decided > I'd move dns to a beaglebone black, so running across this hwrng made > me feel better about randomness on embedded systems. > > I bought the last 5 Joshua had, sorry about that! I'd like to find something > that could run off the internal serial port on the wndr3800s... and > worth incorporating in future designs. (multiple vendors) > > -- > Dave Täht > > Fixing bufferbloat with cerowrt: > http://www.teklibre.com/cerowrt/subscribe.html > ___ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel >___ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
Re: [Cerowrt-devel] hwrngs
On Sun, Feb 2, 2014 at 8:17 AM, wrote: > Any idea what the price will be in quantity? No. Pretty cheap, it's a very tiny board http://cryptotronix.com/2013/12/27/hashlet_random_tests/ I got a discount for 5, and he has a couple left... > The fact that it supports > both BB black and RPi is great news for makers interested in authentication > and security. yep. It is open hardware also, with a schematic supplied, open source driver (not a kernel driver yet), I was very happy to support this project. I have looked for usb equivalents, btw, and haven't found anything inexpensive. And in the case of cero I'd wanted something that could run on the internal serial header... I note that theoretically the BBB also has an on-cpu hwrng but documentation on it from TI is lacking. Perhaps someone could lean on TI to free that information up in the post-snowden era? (my take on it is the more hwrngs the better, one from china, one from russia, one from the USA...) /me goes back to converting his dns/mail/vpn server over to a BBB > > > > > > On Saturday, February 1, 2014 11:11pm, "Dave Taht" > said: > >> I am still quite irked by having to use /dev/urandom for important >> tasks like dnssec key generation, and in wireless WPA. And like >> others, distrust having only one source of random numbers in the mix. >> >> I just ordered some of these >> >> http://cryptotronix.com/2013/12/27/hashlet_random_tests/ >> >> Simultaneously while I was getting nsupdate dns working on cerowrt >> from the yurt to the dynamic ipv6 stuff, my main dns server died, and >> I decided >> I'd move dns to a beaglebone black, so running across this hwrng made >> me feel better about randomness on embedded systems. >> >> I bought the last 5 Joshua had, sorry about that! I'd like to find >> something >> that could run off the internal serial port on the wndr3800s... and >> worth incorporating in future designs. (multiple vendors) >> >> -- >> Dave Täht >> >> Fixing bufferbloat with cerowrt: >> http://www.teklibre.com/cerowrt/subscribe.html >> ___ >> Cerowrt-devel mailing list >> Cerowrt-devel@lists.bufferbloat.net >> https://lists.bufferbloat.net/listinfo/cerowrt-devel >> -- Dave Täht Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html ___ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
Re: [Cerowrt-devel] hwrngs
Ordered the RPi version (5 more in stock, if anyone wants one). Thanks, Dave! On Sunday, February 2, 2014 11:25am, "Dave Taht" said: > On Sun, Feb 2, 2014 at 8:17 AM, wrote: > > Any idea what the price will be in quantity? > > No. Pretty cheap, it's a very tiny board > > http://cryptotronix.com/2013/12/27/hashlet_random_tests/ > > I got a discount for 5, and he has a couple left... > > > The fact that it supports > > both BB black and RPi is great news for makers interested in authentication > > and security. > > yep. > > It is open hardware also, with a schematic supplied, open source > driver (not a kernel driver yet), I was very happy to support this > project. > > I have looked for usb equivalents, btw, and haven't found anything > inexpensive. And in the case of cero I'd wanted something that could > run > on the internal serial header... > > I note that theoretically the BBB also has an on-cpu hwrng but > documentation on it from TI is lacking. Perhaps someone could lean on > TI to free that information up in the post-snowden era? > > (my take on it is the more hwrngs the better, one from china, one from > russia, one from the USA...) > > /me goes back to converting his dns/mail/vpn server over to a BBB > > > > > > > > > > > > > On Saturday, February 1, 2014 11:11pm, "Dave Taht" > > > said: > > > >> I am still quite irked by having to use /dev/urandom for important > >> tasks like dnssec key generation, and in wireless WPA. And like > >> others, distrust having only one source of random numbers in the mix. > >> > >> I just ordered some of these > >> > >> http://cryptotronix.com/2013/12/27/hashlet_random_tests/ > >> > >> Simultaneously while I was getting nsupdate dns working on cerowrt > >> from the yurt to the dynamic ipv6 stuff, my main dns server died, and > >> I decided > >> I'd move dns to a beaglebone black, so running across this hwrng made > >> me feel better about randomness on embedded systems. > >> > >> I bought the last 5 Joshua had, sorry about that! I'd like to find > >> something > >> that could run off the internal serial port on the wndr3800s... and > >> worth incorporating in future designs. (multiple vendors) > >> > >> -- > >> Dave Täht > >> > >> Fixing bufferbloat with cerowrt: > >> http://www.teklibre.com/cerowrt/subscribe.html > >> ___ > >> Cerowrt-devel mailing list > >> Cerowrt-devel@lists.bufferbloat.net > >> https://lists.bufferbloat.net/listinfo/cerowrt-devel > >> > > > > -- > Dave Täht > > Fixing bufferbloat with cerowrt: > http://www.teklibre.com/cerowrt/subscribe.html >___ Cerowrt-devel mailing list Cerowrt-devel@lists.bufferbloat.net https://lists.bufferbloat.net/listinfo/cerowrt-devel
