[openssl-users] PRNG is not seeded

chris.gray at kiffer.be chris.gray at kiffer.be
Sat Jun 2 17:20:37 UTC 2018


As it happens I am the proud owner of a made-in-UK Mathmos Lava Lamp and a
couple of their Space Projectors : however I don't use them as a RNG.

I am thinking more about the fact that there are a lot of devices which
 * have no hardware TRNG on board
 * do have one or more connections to wired or wireless internet and/or
wide-area networks and/or various other communications channels such as
BTLE or ZigBee
 * need to make a TLS/DTLS connection somewhere in order to be useful.

By "literally in the air" I mean the entropy that is flying around in
those radio channels or shared media; not the data which is being
transmitted, but the inter-arrival times / collisions / etc. generated by
a number of physically independent sources.

I am sceptical of using haveged on such devices; of course I should be
willing to test it and measure the results, but "measuring randomness" is
a tricky business so I would be happy to see the results of some research.
My own experiments in the past (with devices which had only a dial-up
connection to the mother ship) were singularly unsuccessful in generating
any useful degree of randomness.

Thanks anyway for the suggestions everyone.

> On 05/31/2018 03:03 PM, openssl-users-request at openssl.org distributed:
>> Date: Thu, 31 May 2018 18:45:02 +1000
>> From: FooCrypt <openssl at foocrypt.net>
>>
>> Place a teaspoon of fine grade white sand onto the skin of a snare drum
>
> Macroscopic hardware TRNGs are a *tad* yesteryear
>
> https://en.wikipedia.org/wiki/Lavarand
>
> because observing *quantum* random events doesn't require large devices
>
> https://en.wikipedia.org/wiki/Hardware_random_number_generator
>
> (not to mention being IIUC harder to influence by an attacker so as to
> make them lose randomness). Nonetheless, if you don't have the hardware
> (builtin TPM?) and cannot easily connect one to the given platform (as I
> suspect for the OP's architecture) ...
>
> For general computing platforms, I've taken to installing (and, of
> course, running and monitoring) haveged as a standard - on hosts *and*
> VMs. It can run in an AIS-31 test mode if you want to check out the
> entropy it collects.
>
> https://wiki.archlinux.org/index.php/Haveged
>
>>> On 31 May 2018, at 6:07 PM, chris.gray at kiffer.be wrote:
>>> I've also encountered this quite often, and I have a feeling that on
>>> today's connected devices there may be a lot of entropy "in the air"
>>> (quite literally) which is not being captured. Does any one know of
>>> research in this area?
>
> Not specifically for mobile phones or WiFi interfaces, if that's what
> you're referring to with "in the air". However, squeezing available
> entropy out of various less-than-predictable hardware and OS states is
> what *all* non-hardware entropy gatherers ultimately do, from the Linux
> kernel's /dev/random mechanisms to haveged to what-have-you.
>
> Regards,
> --
> Jochen Bern
> Systemingenieur
>
> www.binect.de
> www.facebook.de/binect
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>




More information about the openssl-users mailing list