On 1/25/2016 7:41 PM, Bill Cox wrote:
I have low expectations for IoT vendors' TRNGs. When deadlines get
tight, good engineering on the TRNG is easy to drop. As long as they
whiten the output, it is very difficult to detect TRNG flaws, so there
is little incentive to put in much engineering. IIRC, the FIPS
standard requires vendors to be secretive about their TRNGs. They are
not allowed to give us access to the raw data from the entropy source,
and cannot show us schematics for their design, making it nearly
impossible to differentiate a well designed TRNG from an insecure one.
Sorry for the late response on this one...
You should take a quick look at NIST Draft SP800-90B, section 7.1
regarding how to do validation on entropy sources. While this is
still in draft form and doesn't yet trigger requirements in the FIPS
validation process, I would expect it will at some point. I would also
expect that new designers are probably making sure that this type of
interface is included in their products - to at least allow for the
possibility of validation.
Of course, if an IoT vendor isn't looking for FIPS validation (or some
other such process that requires at least a little testing), all bets
are off.
Later, Mike
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls