The VIA Technologies C7 cpus had a hardware random number generator and hardware acceleration for SHA variants (both encrypt and decrypt). It was reported to consume less than one square mm of die space. And the cpu was hands down the best at encryption / decryption of any x86 cpu due solely to the hardware acceleration. I have one here if anyone would like to see an example. For a circa 2005 Geek.com article I wrote some apps to test random number distribution. At 40C and below it was perfect on very large samples. Above 40C it began weighing heavily toward 0 and 255 for 8-bit generated bytes.
Maybe we could talk to Freescale or Marvell about incorporating a similar feature in future products. Or as an inexpensive FreedomBox add-on motherboard component. I'd suspect if it were on-die it would be a great boost to their offerings for all products actually. Am more than willing to help out on software needs. Will take a look at whatever I can. Best regards, Rick C. Hodgin -------- Original Message -------- From: Sandy Harris <[email protected]> Sent: Sat, May 26, 2012 11:35 PM To: freedombox list <[email protected]> CC: Subject: Re: [Freedombox-discuss] Developing code for Freedombox >Rick Hodgin <[email protected]> wrote: > >> I have desired since January to work on this project. However, the software >> tools in use were completely outside of my prior experience. >> >> As the weeks wear on and I see more and more videos about Freedombox, and >> listen to more and more speeches by Eben Moglen, I am moved from the inside >> to step up and offer my developer services. >> >> I don't know where to begin. I assume I need to get a FreedomBox device ... > >For some things, you would need that. There are other things you might >tackle without it. > >For one thing, there are dozens of applications that look likely to be >used on the Box, or at least are on various people's wish lists for >use there. Ideally, all of them would be thoroughly audited before >being deployed in a situation where security flaws might have very >serious consequences. You could make a start on that just running lint >(or gcc with strict options) on such applications, cleaning up and >problems you find and submitting patches wherever they need to go. > >The archives have a moderately long thread titled "crypto questions", >started by me and with others criticizing and/or improving my >suggestions. Parts of that give possible projects. > >One item discussed there is Bcrypt, a password system that aims to be >more secure. See: http://codahale.com/how-to-safely-store-a-password/ >That is already in the Debian repositories. I'd say a worthwhile small >project would be to work out how to make it default for the Box. > >Any crypto device needs a good random number generator and random(4) >is not enough for the Box. For some devices, HAVEGE looks fine, but >perhaps not for all devices that might become Freedombox servers. >There are two other possibilities, John Denker's Turbid and my >Maxwell, that might be useful. There are bug reports for both asking >that they be added to Debian. Both authors say they'll co-operate but >don't want responsibility for Debian package maintenance. Getting >either of those packaged would be a small project that might help Box >development. I'd say Turbid is much the more useful of the two. > >_______________________________________________ >Freedombox-discuss mailing list >[email protected] >http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
