-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Aloha!
Carlos Abellan wrote: > If I understand correctly, the “avalanche noise” generator is the > entropy source that will be used in the current HSM design, right? > Would you find interesting to generalise the concept of the entropy > source component in the CrypTech project? (the idea being that > additional entropy sources can be easily added/exchanged depending > on who builds the module). The Cryptech HSM design supports multiple entropy sources. Currently we use two entropy sources - the external avalanche noise source and the (FPGA) internal oscillator jitter based source. There is already a third slot available that allows you to connect an additional entropy source such as the one you have. See the ports for entropy2 in the interface for the mixer: https://trac.cryptech.is/browser/core/rng/trng/src/rtl/trng_mixer.v > Also, are you working on “health monitoring” and “entropy > estimation” for the raw RNG source? If so, where can I found the > details of the procedure? On-line health monitoring is in the plans for TRNG 2.0. The basis would be at least a subset of the tests in AIS31. The main purpose of these tests would be to detect that an entropy source is not broken. Typically stuck at a given value, long runs, mean and variance tests that can be implemented as on-line tests. It is the responsibility of the entropy source interface module to inform the mixer that it is able to deliver entropy suitable for mixing. The same mechanism allows the entropy source to give itself some warm-up time if needed. There has also been work done to implement start up-tests that the HSM will use internally. These tests are executed by the HSM internal CPU and is based on extracting MBytes of random numbers generated data from the RNG and doing fairly extensive tests. Similar to Mauer´s test, DIEHARD etc. > Is 20 kbit/s enough for an HSM module? Would the module benefit from > a faster generation rate? No. We need 2 kbit of entropy to generate the seed needed to start the csprng. As Bernd stated, when the csprng has been seeded and is generating random numbers, there is little need to reseed and we do that fairly infrequently. The HSM admin can adjust the reseed rate to whatever level seems appropriate for the use case. But in general, as long as you can wait the ms required to warm up the entropy sources and get the first seed properly, you don't really have any reason for having a very high capacity entropy source. - -- Med vänlig hälsning, Yours Joachim Strömbergson - Alltid i harmonisk svängning. ======================================================================== Joachim Strömbergson Secworks AB [email protected] ======================================================================== -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCAAGBQJYHDZ1AAoJEF3cfFQkIuyN9gQQAI3PbxneeSueLrWJNRaStYdK 82/vs2cqY2uQJwFowTVh7Nb1sIO/N6SAWMAOHPR8JmDrfyLcak8w2fUdT6bUco81 bQJeCdOiYQD4BHCPi/jI6YPfQOoDRKNBpBgB3lqmt/Lkuhhd5/u5Mo4HM8mIFgaE 5VXcAm3Qn6VELZPK+DdLQtuyjq3nDkep18FVx8KpSXdA160Hg9d623EdI4U/7y2x zWkYUUSrSzJ/XuugAm2Iil+evGaJa4irxgUiChwSulqqybrX46gL4g/4cKXcyuAQ WOSOSYIwo80uqTFElWmxHaIwX60zwI+mtTthOsHc3Pu3QuCtyMxPNLHFNFVLSlWr hoRritqtYwdIMn8nI5UxjEya9xFs5JVETsxT+vdgY4hIsJ8UwzVxGLLMtboC41Zb vkp9dSVLqqZJ7mrvg2Gjut+JkOxbhkMEnLjzVAwC4nklEFhWlrQ0upOp4zxviSTb M5sU96qJ0ichPVRSO0KsTVsMZl7Do1WwfmVTq3o2lBwjMiNySdMt1NypKP2PDWCA r4TSVkuSBYFvvTV6TKiMLwG279R+dB2171fcY2VVhbBBTST97OBsngKkNQstZ95a GOBy6Wj3TUjGfDumOCFhoJCx5vF4h5MNtdexzk+USMncTYjpsGAoKra8EUAMvtVQ 4OtexvTaWTbZI/+JLn2H =RDfE -----END PGP SIGNATURE----- _______________________________________________ Tech mailing list [email protected] https://lists.cryptech.is/listinfo/tech
