[cryptography] [liberationtech] Random number generator failure in Rasperri Pis?

Nico Williams nico at cryptonector.com
Fri Jul 19 18:26:17 EDT 2013


On Fri, Jul 19, 2013 at 4:52 PM, Lodewijk andré de la porte
<l at odewijk.nl> wrote:
> 2013/7/19 Mahrud S <dinovirus at gmail.com>
>> Isn't the thermal noise a good enough entropy source? I mean, it's a $25
>> computer, you can't expect much of it.
>
> "See, sir, you shouldn't wonder why all your data isn't actually encrypted.
> You shouldn't think it's weird that nothing is secure on your pc. And that
> everyone can fake your digital signature shouldn't surprise you either. Your
> computer was only $25. I mean, what'd you expect?"

Reminder: the blog post in question was about how *much* better the HW
RNG on the rpi was than some crappy PRNG.  A bit of a strawman, yes,
but no way can that even remotely be confused with a complaint about
the rpi's HW RNG.

> If it cannot do what it claims, than it shouldn't claim to be able to do so.
> We're application layer here, so the OS should put a stop to people getting
> bad random numbers. If that means the OS takes 20 seconds to make a random
> on a $25 pc, that's okay. It never guaranteed us to be quick. It's not okay
> to give us band random numbers. Ever.
>
> A hardware RNG is just another source of entropy I think. But it seems the
> Raspberry Pi's RNG should generate random numbers completely on its own.
> Without proofs that's a no-no. Not sure that FIPS test is enough proof.

The rpi's HW RNG is almost certainly better than many /dev/*random
implementations running as VM guests.  How much real business is
getting transacted on VMs nowadays?  Probably a lot.

Nico
--


More information about the cryptography mailing list