[148531] in cryptography@c2.net mail archive

Re: [Cryptography] Fwd: [IP] 'We cannot trust' Intel and Via's

daemon@ATHENA.MIT.EDU (Sandy Harris)
Thu Dec 19 14:33:59 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <1758173.qJugRWNj0J@tauon>
Date: Thu, 19 Dec 2013 14:05:41 -0500
From: Sandy Harris <sandyinchina@gmail.com>
To: Cryptography <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

On Thu, Dec 19, 2013 at 12:04 PM, Stephan Mueller <smueller@chronox.de> wrote:

>>How do we safely initialize Yarrow or another software RNG if the
>>CPU's hardware RNG is compromised ...
>
> There are various implementations of RNGs that use CPU execution timing
> variations as noise source. ...
>
> So, there are noise sources which do not depend on some black box.
>
> [1] http://www.issihosts.com/haveged/
> [2] http://dankaminsky.com/2012/08/15/dakarand/
> [3] http://jytter.blogspot.se/
> [4] http://www.chronox.de/

One more is:
ftp://ftp.cs.sjtu.edu.cn:990/sandy/maxwell/

Also, if you have an unused sound device or can add one,
a very good quality and quite high volume source is:
http://www.av8n.com/turbid/paper/turbid.htm
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography