On 7/13/10, Perry E. Metzger <pe...@piermont.com> wrote:

> It is disturbing to me that people oppose this so much.

Yes. A hardware RNG seems an obvious Good Thing. Not a complete solution,
but a very useful component.

> For a lot of applications -- servers run in isolation, networking
> equipment, etc. -- having hardware RNGs available is a really big win,
> because there is no good local source of randomness. (We had a long
> discussion of ways to mitigate this some time ago.) Plugging in an
> external unit is not going to happen in practice. If it isn't nearly
> free and built in, it won't be used.

IPsec gateways and web servers doing a lot of SSL are obvious cases. Neither
has much mouse or keyboard activity; they may have solid-state drives or smart
RAID, so disk timings are not random. Packet timings might be somewhat random,
but they may also be knowable by an enemy.

> I would suggest that in most cases, you are better off with a very
> very mildly untrusted but ubiquitous hardware RNG than with the kinds
> of kludges to get random numbers on unattended hardware we end up with
> in the real world.

In some cases, a non-kludge alternative is Turbid:
http://www.av8n.com/turbid/paper/turbid.htm

That uses a sound card or on-board equivalent. Some boards will have this, or
it is cheap & easy to stick in a slot.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
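The two design points argued above (treat a built-in hardware RNG as a useful but not fully trusted input, and, Turbid-style, credit a sound-card noise source only with a conservative entropy estimate) can be shown in a small hash-based conditioner. The code below is an added illustration written for this page; it is not Turbid's code, not code from the poster, and not a substitute for Turbid's hardware calibration. The "sound card" is a constructed stand-in (mid-scale 16-bit samples plus Gaussian noise, low byte kept), the 1 bit/sample credit is an assumed conservative figure, and the most-common-value estimate is the plain plug-in version, used only as a sanity check that the assumed credit is not optimistic.

```python
import hashlib
import math
import random
from collections import Counter

OUTPUT_BITS = 256  # each release is one 256-bit block


def mcv_min_entropy_bits(symbols) -> float:
    """Plug-in most-common-value min-entropy estimate per symbol: -log2(p_max).
    A crude check that the credit assigned to a source is not wildly
    optimistic; it does not replace characterising the actual hardware."""
    counts = Counter(symbols)
    p_max = max(counts.values()) / len(symbols)
    return -math.log2(p_max)


class EntropyPool:
    """Hash-conditioned pool with conservative entropy accounting.

    Credited sources (here: sound-card noise) raise the credit by an assumed
    per-sample min-entropy. Uncredited sources (here: a built-in hardware RNG
    we only mildly trust) are mixed in but add no credit, so a bad HRNG cannot
    cause early output while a good one still adds unpredictability.
    """

    def __init__(self, credited_bits_per_sample: float):
        self.credit_per_sample = credited_bits_per_sample
        self.state = hashlib.sha256(b"pool-init").digest()
        self.credit = 0.0

    def _absorb(self, tag: bytes, data: bytes) -> None:
        # Chain the fixed-length state with a domain tag and the new input.
        self.state = hashlib.sha256(self.state + tag + data).digest()

    def add_credited(self, samples: bytes) -> None:
        self._absorb(b"\x01credited", samples)
        self.credit += len(samples) * self.credit_per_sample

    def add_untrusted(self, data: bytes) -> None:
        self._absorb(b"\x02untrusted", data)  # mixed in, zero credit

    def can_output(self) -> bool:
        return self.credit >= OUTPUT_BITS

    def output(self) -> bytes:
        if not self.can_output():
            raise RuntimeError("insufficient credited entropy")
        # Separate derivations for the released block and the next state,
        # so a released block does not reveal the state that follows it.
        out = hashlib.sha256(self.state + b"\x03out").digest()
        self.state = hashlib.sha256(self.state + b"\x04next").digest()
        self.credit = 0.0
        return out


def simulated_soundcard(n_samples: int, seed: int) -> bytes:
    """Constructed stand-in for ADC noise (assumption, not a real capture):
    16-bit samples around mid-scale with sigma-8 Gaussian noise; only the
    low byte, where the noise lives, is kept as the symbol."""
    rng = random.Random(seed)
    return bytes((int(round(32768 + rng.gauss(0, 8))) & 0xFF)
                 for _ in range(n_samples))


def demo(seed: int = 1):
    """Run the pool once with a constant (i.e. broken) HRNG mixed in."""
    pool = EntropyPool(credited_bits_per_sample=1.0)  # assumed conservative credit
    estimate = mcv_min_entropy_bits(simulated_soundcard(4096, seed))
    pool.add_untrusted(b"\x00" * 64)          # a stuck HRNG earns no credit
    early = pool.can_output()                 # expected: False
    pool.add_credited(simulated_soundcard(OUTPUT_BITS, seed))
    k1 = pool.output()
    pool.add_credited(simulated_soundcard(OUTPUT_BITS, seed + 1))
    k2 = pool.output()
    return estimate, early, k1, k2


if __name__ == "__main__":
    est, early, k1, k2 = demo()
    print(f"MCV estimate {est:.2f} bits/sample, early output allowed: {early}")
    print(k1.hex())
    print(k2.hex())
```

The accounting is the point: the HRNG output goes into the hash but never into the credit counter, so the pool releases a block only once the characterised source has paid for it, and the HRNG can only help.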