On 05/31/2018 03:03 PM, openssl-users-request@xxxxxxxxxxx distributed:
> Date: Thu, 31 May 2018 18:45:02 +1000
> From: FooCrypt <openssl@xxxxxxxxxxxx>
>
> Place a teaspoon of fine grade white sand onto the skin of a snare drum

Macroscopic hardware TRNGs are a *tad* yesteryear

https://en.wikipedia.org/wiki/Lavarand

because observing *quantum* random events doesn't require large devices

https://en.wikipedia.org/wiki/Hardware_random_number_generator

(not to mention being IIUC harder to influence by an attacker so as to
make them lose randomness).

Nonetheless, if you don't have the hardware (builtin TPM?) and cannot
easily connect one to the given platform (as I suspect for the OP's
architecture) ...

For general computing platforms, I've taken to installing (and, of
course, running and monitoring) haveged as a standard - on hosts *and*
VMs. It can run in an AIS-31 test mode if you want to check out the
entropy it collects.

https://wiki.archlinux.org/index.php/Haveged

>> On 31 May 2018, at 6:07 PM, chris.gray@xxxxxxxxx wrote:
>> I've also encountered this quite often, and I have a feeling that on
>> today's connected devices there may be a lot of entropy "in the air"
>> (quite literally) which is not being captured. Does any one know of
>> research in this area?

Not specifically for mobile phones or WiFi interfaces, if that's what
you're referring to with "in the air". However, squeezing available
entropy out of various less-than-predictable hardware and OS states is
what *all* non-hardware entropy gatherers ultimately do, from the Linux
kernel's /dev/random mechanisms to haveged to what-have-you.

Regards,
--
Jochen Bern
Systemingenieur

www.binect.de
www.facebook.de/binect