[cryptography] OneRNG kickstarter project looking for donations

Francisco Guerreiro francisg at fnop.net
Tue Dec 16 06:06:01 EST 2014


why is that onerng better than http://www.seeedstudio.com/wiki/FST-01 ?

why not fund something actually new ?

On Tue, Dec 16, 2014 at 10:23 AM, Ben Laurie <ben at links.org> wrote:
>
> On 15 December 2014 at 19:18, ianG <iang at iang.org> wrote:
> >
> https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator
> >
> > About this project
> >
> > After Edward Snowden's recent revelations about how compromised our
> internet
> > security has become some people have worried about whether the hardware
> > we're using is compromised - is it? We honestly don't know, but like a
> lot
> > of people we're worried about our privacy and security.
> >
> > What we do know is that the NSA has corrupted some of the random number
> > generators in the OpenSSL software we all use to access the internet, and
> > has paid some large crypto vendors millions of dollars to make their
> > software less secure. Some people say that they also intercept hardware
> > during shipping to install spyware.
>
> I don't really get the relevance to OpenSSL - Dual EC DRBG was
> vulnerable regardless of the entropy source. And, as already
> mentioned, not actually vulnerable in OpenSSL anyway.
>
> > We believe it's time we took back ownership of the hardware we use day to
> > day. This project is one small attempt to do that - OneRNG is an entropy
> > generator, it makes long strings of random bits from two independent
> noise
> > sources that can be used to seed your operating system's random number
> > generator. This information is then used to create the secret keys you
> use
> > when you access web sites, or use cryptography systems like SSH and PGP.
> >
> > Openness is important, we're open sourcing our hardware design and our
> > firmware, our board is even designed with a removable RF noise shield (a
> > 'tin foil hat') so that you can check to make sure that the circuits that
> > are inside are exactly the same as the circuits we build and sell. In
> order
> > to make sure that our boards cannot be compromised during shipping we
> make
> > sure that the internal firmware load is signed and cannot be spoofed.
>
> I am curious if there's any evidence that avalanche diodes and Zigbee
> receivers are immune to outside influence (one would've thought not in
> the case of the receiver, at least, which is designed to be influenced
> by the outside)?
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20141216/4c56fc5d/attachment.html>


More information about the cryptography mailing list