by jaseg 4641 days ago
I would seriously advise anybody against using this device. Designing a hardware true random number generator takes a lot of effort that this design is evidently lacking. For example, there is no whitening whatsoever. Even worse, the firmware includes a line of code that ensures that the "RNG" never outputs the same "random" number twice in a row.

Also, usually HW RNGs include a firmware module that is constantly monitoring the entropy output and shutting off the generator in case of it sinking below a certain threshold to detect hardware failure and prevent it from causing predictable output.

Some more information on this subject can be found at Wikipedia: https://en.wikipedia.org/wiki/Hardware_random_number_generat... I do not want to discourage anybody from working on such things. I think this is a nice project idea and a very good opportunity to learn a lot about random numbers. Please, though, always put a big warning on any crypto things you designed yourself and do not present them as a finished product.

[edit]s/such a/this/1[/edit]
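An added example to go with the two points above (the "never the same value twice" line and the missing health monitor). This is my own Python, not the device's firmware, and it makes two assumptions for the demonstration: 8 bits of entropy per raw sample, and the 2^-20 false-alarm rate that NIST SP 800-90B uses for its continuous health tests. It implements that standard's repetition count test (RCT) and adaptive proportion test (APT) with a monitor that latches into a failed state, and then shows what a "no repeats" filter does to them: a source that has latched at one value produces a single output instead of a run, so the RCT never sees the failure, while a source toggling between two values passes through the filter untouched and is caught only by the APT.

```python
"""Continuous health tests for a raw noise source, modelled on the two tests
in NIST SP 800-90B section 4.4 (repetition count test, RCT, and adaptive
proportion test, APT).  Added example; not the firmware of the device being
discussed.  All sample streams below are constructed in-line."""
import math
import random

ALPHA_LOG2 = 20    # false-alarm probability per test is 2^-20 (SP 800-90B default), assumed here
APT_WINDOW = 512   # APT window for multi-bit samples (SP 800-90B uses 1024 for 1-bit samples)


def rct_cutoff(h_bits):
    """RCT cutoff C = 1 + ceil(-log2(alpha) / H): a run of C identical samples
    has probability <= alpha for a source with H bits of entropy per sample."""
    return 1 + math.ceil(ALPHA_LOG2 / h_bits)


def apt_cutoff(h_bits, window=APT_WINDOW):
    """Smallest c with P[Binomial(window, 2^-H) >= c] <= 2^-ALPHA_LOG2: seeing
    the window's first sample c times within the window is a failure."""
    p = 2.0 ** -h_bits
    alpha = 2.0 ** -ALPHA_LOG2
    tail = 0.0
    for c in range(window, -1, -1):            # accumulate the upper tail downwards
        tail += math.comb(window, c) * p ** c * (1 - p) ** (window - c)
        if tail > alpha:
            return c + 1
    return 1


class HealthMonitor:
    """Consumes raw samples; once a test fails the monitor stays failed,
    which is the 'shut the generator off' behaviour the comment asks for."""

    def __init__(self, h_bits, window=APT_WINDOW):
        self.rct_c, self.apt_c, self.window = rct_cutoff(h_bits), apt_cutoff(h_bits, window), window
        self.prev, self.run = None, 0                 # RCT state
        self.apt_ref, self.apt_count, self.apt_seen = None, 0, 0   # APT state
        self.failed = None

    def feed(self, sample):
        """Return None while healthy, otherwise the name of the failed test."""
        if self.failed:
            return self.failed
        # RCT: count the current run of identical samples
        if sample == self.prev:
            self.run += 1
        else:
            self.prev, self.run = sample, 1
        if self.run >= self.rct_c:
            self.failed = "RCT"
            return self.failed
        # APT: the first sample of each window is the reference value
        if self.apt_ref is None:
            self.apt_ref, self.apt_count, self.apt_seen = sample, 1, 1
        else:
            self.apt_seen += 1
            if sample == self.apt_ref:
                self.apt_count += 1
            if self.apt_count >= self.apt_c:
                self.failed = "APT"
                return self.failed
            if self.apt_seen == self.window:
                self.apt_ref = None                   # start a fresh window
        return None


def run_monitor(samples, h_bits):
    """Feed a whole stream; return (index_of_failure, test_name) or (None, None)."""
    mon = HealthMonitor(h_bits)
    for i, s in enumerate(samples):
        verdict = mon.feed(s)
        if verdict:
            return i, verdict
    return None, None


def no_repeat_filter(samples):
    """Hypothetical reconstruction of the post-processing the comment describes:
    never emit the same value twice in a row."""
    out, prev = [], None
    for s in samples:
        if s != prev:
            out.append(s)
            prev = s
    return out


def demo():
    rng = random.Random(2013)
    healthy = [rng.randrange(256) for _ in range(1024)]   # constructed stand-in for a good 8-bit source
    counter = list(range(256)) * 4                        # a plain counter: predictable, yet passes both tests
    stuck = [0x5A] * 1024                                 # source latched at one value (hardware failure)
    toggling = [0x00, 0xFF] * 512                         # source oscillating between two values
    return {
        "healthy": run_monitor(healthy, 8),
        "counter": run_monitor(counter, 8),
        "stuck": run_monitor(stuck, 8),
        "stuck_after_filter": run_monitor(no_repeat_filter(stuck), 8),
        "toggling_after_filter": run_monitor(no_repeat_filter(toggling), 8),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:>22}: {verdict}")
```

The counter case is there as a caveat: these tests exist to catch gross hardware failure, not to certify randomness, so a source that passes them still needs an entropy assessment and proper conditioning before anything keys off its output.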

2 comments

> Also, usually HW RNGs include a firmware module that is constantly monitoring the entropy output and shutting off the generator in case of it sinking below a certain threshold to detect hardware failure and prevent it from causing predictable output.

This sentence reminded me of the recent revelation of some smartcards:

http://arstechnica.com/security/2013/09/fatal-crypto-flaw-in...

Afaik the failure was exactly that there was insufficient HW failure detection.

edit:

> Even worse, the firmware includes a line of code that ensures that the "RNG" never outputs the same "random" number twice in a row.

Also this reminds me of another anecdote. In math/stats class the teacher told us of an experiment where two people were to write a 100 digit random sequence of 0s and 1s on a paper. One person was to use a coin flip, and the other was to just make the bits up. Then the person administering the experiment would take the sequences and guess which one was true random (coin flipped) and which one was human-generated. The trick being that humans tend to avoid repetition, and the one with (iirc) 6 consecutive 0s or 1s was most likely true random.
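An added example, not part of the thread, putting a number on the anecdote: the exact probability that 100 fair coin flips contain a run of at least 6 identical results (about 0.81), computed by counting the strings that have no such run, plus the "longer longest run is the coin" rule turned into a classifier. The two 100-bit sequences in demo() are constructed for illustration, not data from the experiment described.

```python
"""Added example (not part of the thread): how unlikely it is that 100 fair
coin flips contain no run of six identical results, and the rule of thumb
from the anecdote turned into a classifier.  The two sequences in demo()
are constructed, not data from the experiment described."""
from fractions import Fraction


def count_no_long_runs(n, k):
    """Number of binary strings of length n in which every run is shorter
    than k.  Such a string is a sequence of alternating runs, so count the
    compositions of n into parts of size 1..k-1 and double the result for
    the choice of the first symbol."""
    if n == 0:
        return 1
    comp = [0] * (n + 1)
    comp[0] = 1
    for i in range(1, n + 1):
        comp[i] = sum(comp[i - j] for j in range(1, min(i, k - 1) + 1))
    return 2 * comp[n]


def prob_run_at_least(n, k):
    """Exact probability that n fair bits contain a run of at least k."""
    return 1 - Fraction(count_no_long_runs(n, k), 2 ** n)


def longest_run(bits):
    """Length of the longest run of identical symbols in a string or sequence."""
    best = cur = 0
    prev = None
    for b in bits:
        cur = cur + 1 if b == prev else 1
        prev = b
        best = max(best, cur)
    return best


def guess_coin(seq_a, seq_b):
    """The anecdote's heuristic: the sequence with the longer longest run is
    the coin-flipped one.  Returns 'a', 'b', or None on a tie."""
    ra, rb = longest_run(seq_a), longest_run(seq_b)
    if ra == rb:
        return None
    return "a" if ra > rb else "b"


def demo():
    # Constructed sequences (not real experiment data): a human-style one that
    # never repeats a symbol more than twice, and a coin-style one with a run of six.
    human = "0110100101" * 10                       # 100 bits, longest run 2
    coin = "0110" * 23 + "1" + "000000" + "1"       # 100 bits, longest run 6
    return {
        "p_run6_in_100": float(prob_run_at_least(100, 6)),
        "human_longest_run": longest_run(human),
        "coin_longest_run": longest_run(coin),
        "verdict": guess_coin(human, coin),         # 'b': the second sequence looks like the coin
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The same counting argument gives the other direction of the comment: a filter that forbids two equal outputs in a row makes the probability of any run exactly zero, which is precisely the tell the teacher used to spot the human.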

If no one knows you're using it, the device might even be better than a software RNG.

I don't think so. The PRNG will at least be less biased.

That's only assuming that the PRNG hasn't been backdoored or otherwise compromised by the NSA. If it has, damn near ANY hardware RNG will be better than it. If not, then you're right.