"David W. Schultz" <[email protected]> writes:

> My favorite source of entropy is the user. Run something like a linear
> feedback shift register (or just run AES over and over) until the user
> does some randomly timed thing. In other words, shuffle the bits until
> the user stops it. For bonus points, save the result to nonvolatile
> memory and use that as the starting point the next time you shuffle
> bits.
Well, right now we start transmitting right at boot time to locate all of the remote devices, so we don't have any user input at that point.

> It doesn't have to be perfect, just unpredictable.

However, later on, we *do* have lots of user input on the LCO end and can use that as a source of entropy. I think it would be sufficient to just add a 64-bit random nonce to the packets and leave the rest of the protocol alone. Seed it from whatever random state we can get out of the unit at boot time (floating ADC pins, random data from the radio, etc.) and then stir in entropy from the user as we go, then run a PRNG on top of that.

> 64 bits? Wow. Heat death of the universe time scales here. :-)

It's not like we're constrained by bandwidth here :-)

> The weak point in the system will then probably be the user's selection
> of an AES key. They are unlikely to select a strong key. Perhaps another
> application for those randomly shuffled bits.

Right now, we're generating the AES keys at the 'factory' using a strong source of entropy (http://altusmetrum.org/ChaosKey/)

-- 
-keith
_______________________________________________ altusmetrum mailing list [email protected] http://lists.gag.com/mailman/listinfo/altusmetrum
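As an added example that is not part of this thread or of the AltOS firmware (which is C; Python and hashlib are used here only so the construction stays readable), the following sketch implements the scheme Keith outlines: seed a pool from whatever the board can read at boot, stir in user events once they exist, run a keyed generator on top of the pool, hand out 64-bit packet nonces, and persist state for the next boot as Schultz suggests. The ADC readings, radio bytes and event timestamps are constructed stand-ins, and the names `EntropyPool`, `seed_at_boot` and `stir_user_event` are chosen for this example.

```python
"""Boot-time seeding, user-event stirring, and 64-bit packet nonces.

Added example, not AltOS code. Every "hardware" value below is a
constructed stand-in for the sources named in the thread: floating
ADC pins, radio noise, and user input timing on the LCO.
"""
import hashlib
import hmac
import struct


class EntropyPool:
    """SHA-256 absorbs each sample into a 32-byte pool state; output comes
    from an HMAC-SHA256 counter-mode generator keyed from the pool and
    rekeyed whenever new entropy is mixed in."""

    def __init__(self, saved_state=b""):
        # saved_state: bytes written to nonvolatile memory at the end of the
        # previous run (empty on a first boot), so a reboot starts from the
        # accumulated history instead of a fixed constant.
        self.state = hashlib.sha256(b"pool-init" + saved_state).digest()
        self.key = None
        self.counter = 0

    def mix(self, source, sample):
        # Domain-separate by source name so equal bytes from "adc" and
        # "radio" do not collapse into the same pool transition.
        self.state = hashlib.sha256(self.state + source.encode() + sample).digest()
        self.key = None  # force the generator to pick up the new state

    def _rekey(self):
        self.key = hmac.new(self.state, b"generator-key", hashlib.sha256).digest()
        self.counter = 0
        # Advance the pool so a later read of the state does not reveal
        # the key that produced earlier nonces.
        self.state = hashlib.sha256(self.state + b"advance").digest()

    def random_bytes(self, n):
        if self.key is None:
            self._rekey()
        out = b""
        while len(out) < n:
            block = struct.pack(">Q", self.counter)
            out += hmac.new(self.key, block, hashlib.sha256).digest()
            self.counter += 1
        return out[:n]

    def nonce64(self):
        """The 64-bit per-packet nonce proposed in the thread."""
        return struct.unpack(">Q", self.random_bytes(8))[0]

    def state_for_nvram(self):
        """32 bytes to persist for the next boot (the 'bonus points' step)."""
        return self.random_bytes(32)


# --- constructed sample sources (hypothetical hardware readings) ------------
def seed_at_boot(pool, adc_samples, radio_noise):
    """Mix raw boot-time readings; no user input is available yet."""
    for reading in adc_samples:            # 12-bit floating-pin ADC reads
        pool.mix("adc", struct.pack(">H", reading & 0x0FFF))
    pool.mix("radio", radio_noise)         # bytes off an untuned receiver


def stir_user_event(pool, event_ns):
    """Stir in the timestamp of a user action (keypress, arming switch)."""
    pool.mix("user", struct.pack(">Q", event_ns))


def demo():
    """Boot, seed, emit nonces, stir in user events, emit more, persist."""
    pool = EntropyPool(saved_state=b"")    # first boot: nothing saved yet
    seed_at_boot(pool, adc_samples=[0x3A7, 0x3A9, 0x3A2, 0x3B1],
                 radio_noise=bytes([0x9C, 0x12, 0xF0, 0x44, 0x07, 0xEE]))
    before = [pool.nonce64() for _ in range(3)]
    for event_ns in (1_204_118_334, 2_907_554_012, 4_110_001_777):  # constructed
        stir_user_event(pool, event_ns)
    after = [pool.nonce64() for _ in range(3)]
    return before, after, pool.state_for_nvram()


if __name__ == "__main__":
    b, a, saved = demo()
    print("boot-seeded nonces:", [hex(n) for n in b])
    print("after user events: ", [hex(n) for n in a])
    print("persist to NVRAM:  ", saved.hex())
```

The generator rekeys on every `mix`, so user-timing entropy reaches the output immediately, and the pool state is advanced at each rekey so a later dump of the state does not recover earlier keys. The value from `state_for_nvram()` is what to write to flash at shutdown and pass back as `saved_state` at the next boot; it is generator output, not the raw pool, so persisting it leaks nothing about the live state.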
