Honestly, I’d like to add CPU Jitter to OpenSSL as one of its default entropy sources. I dread the effort that this would entail.
Pauli
--
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
Phone +61 7 3031 7217
Oracle Australia

> On 16 Aug 2019, at 8:28 pm, Chitrang Srivastava <chitrang.srivast...@gmail.com> wrote:
>
> Thanks Pauli,
>
> I did check CPU Jitter and it looks promising. It has OpenSSL engine
> support too.
> So I guess I have to add this and provide OS-specific calls and it should
> work.
> Will keep you posted.
>
> Thanks,
>
>
> On Fri, Aug 16, 2019 at 3:15 PM Dr Paul Dale <paul.d...@oracle.com> wrote:
> I investigated HAVEGE fairly deeply a couple of years ago. I am completely
> in agreement with the basis of this source, however the sticking point was
> the “expansion” phase. Essentially, every bit of entropy gathered is turned
> into (just under) thirty-two bits of “entropy”. This is logically and
> physically impossible. As a source, it appears reasonable to the usual tests
> (i.e. dieharder), although TestU01 <https://en.wikipedia.org/wiki/TestU01>
> does pick up on it being less than ideal.
>
> I would, however, recommend Stephan Müller's CPU Jitter
> <https://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html>. The gathering is
> well researched and performed, no hidden tricks are present and the bits
> produced are equiprobable.
>
>
> Pauli
> --
> Dr Paul Dale | Distinguished Architect | Cryptographic Foundations
> Phone +61 7 3031 7217
> Oracle Australia
>
>
>
>> On 16 Aug 2019, at 7:31 pm, Robert Moskowitz <r...@htt-consult.com> wrote:
>>
>>
>>
>> On 8/16/19 5:26 AM, Chitrang Srivastava wrote:
>>> Hi,
>>>
>>> I am working on an embedded platform and now ported openssl 1.1.1b;
>>> TLS 1.2/1.3 is working fine.
>>> While analysing random number, Rand pool initialization calls where I am
>>> returning like this,
>>> size_t rand_pool_acquire_entropy(RAND_POOL *pool)
>>> {
>>>     return rand_pool_entropy_available(pool);
>>> }
>>> As noticed that rand_unix.c has an implementation which samples 2 bits of
>>> RTC, would that give enough entropy or any other recommendation to have
>>> enough entropy for embedded platforms?
>>
>>
>> Check out: https://issihosts.com/haveged
>>
>> I talk about it here:
>> http://www.htt-consult.com/CentOS7-armv7.html#RANDOMNESS
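As an added example (not code from OpenSSL or from anyone in this thread), the following Python model shows why the stub quoted above contributes nothing, why a pool cannot be credited with more entropy than the bytes it holds (the "expansion" objection to HAVEGE), and how many samples a weak source such as "2 bits of the RTC" actually has to deliver once its entropy is measured rather than assumed. ToyPool, its method names, and the two sample sets are assumptions made for illustration; the estimator is the most-common-value estimate from NIST SP 800-90B section 6.3.1.

```python
"""Added example: a toy model of the entropy accounting that
rand_pool_acquire_entropy() is supposed to do, plus the SP 800-90B
most-common-value (MCV) min-entropy estimate run over constructed samples.
Not code from OpenSSL or from anyone in the thread; ToyPool and the sample
sets below are assumptions made for illustration."""
import math
from collections import Counter

TARGET_BITS = 256  # security strength the DRBG is being seeded for


class ToyPool:
    """Stand-in for the RAND_POOL accounting in OpenSSL 1.1.1 (simplified):
    bytes are appended and the caller states how much entropy they carry."""

    def __init__(self, max_len: int = 1024):
        self.max_len = max_len
        self.buf = bytearray()
        self.entropy = 0  # bits credited so far

    def add(self, data: bytes, entropy_bits: int) -> bool:
        """Same shape as rand_pool_add(pool, buffer, len, entropy).  The extra
        rule (ours, not OpenSSL's) is that a byte can never be credited with
        more than 8 bits: the "one bit in, thirty-two bits out" expansion
        criticised in the thread is rejected rather than counted."""
        if len(data) > self.max_len - len(self.buf):
            return False
        if entropy_bits > 8 * len(data):
            return False
        self.buf += data
        self.entropy += entropy_bits
        return True

    def entropy_available(self) -> int:
        return self.entropy


def stub_acquire_entropy(pool: ToyPool) -> int:
    """The stub from the question: it adds nothing, so a fresh pool stays at 0."""
    return pool.entropy_available()


def mcv_min_entropy(samples, z: float = 2.576) -> float:
    """SP 800-90B section 6.3.1 most-common-value estimate, in bits per sample:
    p_hat is the frequency of the most common value, p_u its 99% upper
    confidence bound, and the estimate is -log2(p_u)."""
    n = len(samples)
    p_hat = max(Counter(samples).values()) / n
    p_u = min(1.0, p_hat + z * math.sqrt(p_hat * (1.0 - p_hat) / (n - 1)))
    return -math.log2(p_u)


def samples_needed(h_per_sample: float, target_bits: int = TARGET_BITS) -> int:
    """Samples to collect before the pool can honestly be credited target_bits."""
    return math.ceil(target_bits / h_per_sample)


def pack_2bit_samples(samples) -> bytes:
    """Four 2-bit samples per byte, the way a driver would buffer RTC bits."""
    out = bytearray()
    for i in range(0, len(samples), 4):
        byte = 0
        for j, s in enumerate(samples[i:i + 4]):
            byte |= (s & 3) << (2 * j)
        out.append(byte)
    return bytes(out)


def acquire_2bit_source(pool: ToyPool, samples, h_per_sample: float) -> int:
    """What a real acquire function should do: add the raw samples and credit
    them at the estimated rate, not the nominal 2 bits each.  Returns the
    credit added, or 0 if the pool refused it."""
    credit = math.floor(len(samples) * h_per_sample)
    return credit if pool.add(pack_2bit_samples(samples), credit) else 0


# Constructed sample sets (1000 draws each), not measurements from any device:
SKEWED = ([0] * 14 + [1] * 3 + [2] * 2 + [3]) * 50   # RTC low bits mostly read 0
UNIFORM = [0, 1, 2, 3] * 250                         # an ideal 2-bit source

if __name__ == "__main__":
    print("stub credits:", stub_acquire_entropy(ToyPool()))
    for name, s in (("skewed", SKEWED), ("uniform", UNIFORM)):
        h = mcv_min_entropy(s)
        print(f"{name}: ~{h:.2f} bits/sample, {samples_needed(h)} samples for {TARGET_BITS} bits")
    p = ToyPool()
    print("acquire (skewed):", acquire_2bit_source(p, SKEWED, mcv_min_entropy(SKEWED)))
    print("claiming 32 bits for one byte accepted:", p.add(b"\x00", 32))
```

On the constructed skewed set the estimate is roughly 0.44 bits per 2-bit sample, so about 580 samples are needed for a 256-bit seed rather than the 128 a nominal 2-bits-per-sample credit would suggest; even the ideal set estimates below 2 bits because the confidence bound is conservative at 1000 samples. A real SP 800-90B assessment runs all of its estimators on far larger sample sets, but the design point is the same one the thread makes about CPU Jitter: the entropy credited to the pool has to be backed by a measured estimate of the raw source, never by post-processing.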