why is that onerng better than http://www.seeedstudio.com/wiki/FST-01 ?
why not fund something actually new ? On Tue, Dec 16, 2014 at 10:23 AM, Ben Laurie <b...@links.org> wrote: > > On 15 December 2014 at 19:18, ianG <i...@iang.org> wrote: > > > https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator > > > > About this project > > > > After Edward Snowden's recent revelations about how compromised our > internet > > security has become some people have worried about whether the hardware > > we're using is compromised - is it? We honestly don't know, but like a > lot > > of people we're worried about our privacy and security. > > > > What we do know is that the NSA has corrupted some of the random number > > generators in the OpenSSL software we all use to access the internet, and > > has paid some large crypto vendors millions of dollars to make their > > software less secure. Some people say that they also intercept hardware > > during shipping to install spyware. > > I don't really get the relevance to OpenSSL - Dual EC DRBG was > vulnerable regardless of the entropy source. And, as already > mentioned, not actually vulnerable in OpenSSL anyway. > > > We believe it's time we took back ownership of the hardware we use day to > > day. This project is one small attempt to do that - OneRNG is an entropy > > generator, it makes long strings of random bits from two independent > noise > > sources that can be used to seed your operating system's random number > > generator. This information is then used to create the secret keys you > use > > when you access web sites, or use cryptography systems like SSH and PGP. > > > > Openness is important, we're open sourcing our hardware design and our > > firmware, our board is even designed with a removable RF noise shield (a > > 'tin foil hat') so that you can check to make sure that the circuits that > > are inside are exactly the same as the circuits we build and sell. In > order > > to make sure that our boards cannot be compromised during shipping we > make > > sure that the internal firmware load is signed and cannot be spoofed. > > I am curious if there's any evidence that avalanche diodes and Zigbee > receivers are immune to outside influence (one would've thought not in > the case of the receiver, at least, which is designed to be influenced > by the outside)? > _______________________________________________ > cryptography mailing list > cryptography@randombit.net > http://lists.randombit.net/mailman/listinfo/cryptography >
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography