[147854] in cryptography@c2.net mail archive
Re: [Cryptography] provisioning a seed for /dev/urandom
daemon@ATHENA.MIT.EDU (Bill Frantz)
Sun Oct 27 01:09:26 2013
X-Original-To: cryptography@metzdowd.com
Date: Sat, 26 Oct 2013 20:11:00 -0700
From: Bill Frantz <frantz@pwpconsult.com>
To: cryptography@metzdowd.com
In-Reply-To: <CADpjbE3Vs_gJJH76QJWXTCvyyFA5AS9tHD0qUPxqL14vP7K=Pg@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 10/26/13 at 12:49 PM, radix42@gmail.com (David Mercer) wrote:
>Note that on many (most?) data center grade rackmount servers you don't
>HAVE an audio port at all to run something like turbid against.
Pity. All that fan noise should make a good random source.
In all seriousness though, you can cut costs so far that you can
no longer implement a security architecture that depends on
cryptographic random numbers. If you need that kind of
architecture, then pay for a random source. Retrofitting a USB
dongle might be the cheapest solution for existing hardware. A
random source should be a required feature for new hardware
which will run applications requiring cryptographic random numbers.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said
users haven't
www.pwpconsult.com | learned anything about security?" -- Bruce Schneier
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
