anelok: entropy assist

• Previous message: anelok: entropy assist
• Next message: anelok: entropy assist
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/19/2013 04:17 PM, Werner Almesberger wrote:
> Filling it with random numbers generated by a system that's good at
> producing high-quality entropy would allow Anelok to mix them with the
> bits it obtains from the hardware RNG.

My immediate gut reaction is that this feels like a very high-risk thing 
to do, as you not only have to trust the system that generated it, but 
also risk having things revealed retroactively if this file is ever 
stolen and its encryption broken.

However, the more I think about it, the more I feel like that reaction 
is overblown and those concerns may not be entirely valid, especially as 
long as the data is mixed into the pool instead of being used directly, 
and isn't reused repeatedly.

Basically, as long as it's done properly, like you said.

Also, it's far better than not having anything, when the RNG has failed 
for whatever reason.

I do wonder about the feasibility of extracting some random bits from 
the timing of the input wheel, though, similar to what Linux does with 
the keyboard. The wheel is much more limited than a keyboard, which may 
mean that we would get too little randomness from it for it to be very 
useful, but maybe as a last-ditch source if everything else fails?

-Frode

• Previous message: anelok: entropy assist
• Next message: anelok: entropy assist
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]