[cryptography] OneRNG kickstarter project looking for donations

Kevin kevinsisco61784 at gmail.com
Tue Dec 16 10:59:44 EST 2014


On 12/16/2014 6:06 AM, Francisco Guerreiro wrote:
> why is that onerng better than http://www.seeedstudio.com/wiki/FST-01 ?
>
> why not fund something actually new ?
>
> On Tue, Dec 16, 2014 at 10:23 AM, Ben Laurie <ben at links.org 
> <mailto:ben at links.org>> wrote:
>
>     On 15 December 2014 at 19:18, ianG <iang at iang.org
>     <mailto:iang at iang.org>> wrote:
>     >
>     https://www.kickstarter.com/projects/moonbaseotago/onerng-an-open-source-entropy-generator
>     >
>     > About this project
>     >
>     > After Edward Snowden's recent revelations about how compromised
>     our internet
>     > security has become some people have worried about whether the
>     hardware
>     > we're using is compromised - is it? We honestly don't know, but
>     like a lot
>     > of people we're worried about our privacy and security.
>     >
>     > What we do know is that the NSA has corrupted some of the random
>     number
>     > generators in the OpenSSL software we all use to access the
>     internet, and
>     > has paid some large crypto vendors millions of dollars to make their
>     > software less secure. Some people say that they also intercept
>     hardware
>     > during shipping to install spyware.
>
>     I don't really get the relevance to OpenSSL - Dual EC DRBG was
>     vulnerable regardless of the entropy source. And, as already
>     mentioned, not actually vulnerable in OpenSSL anyway.
>
>     > We believe it's time we took back ownership of the hardware we
>     use day to
>     > day. This project is one small attempt to do that - OneRNG is an
>     entropy
>     > generator, it makes long strings of random bits from two
>     independent noise
>     > sources that can be used to seed your operating system's random
>     number
>     > generator. This information is then used to create the secret
>     keys you use
>     > when you access web sites, or use cryptography systems like SSH
>     and PGP.
>     >
>     > Openness is important, we're open sourcing our hardware design
>     and our
>     > firmware, our board is even designed with a removable RF noise
>     shield (a
>     > 'tin foil hat') so that you can check to make sure that the
>     circuits that
>     > are inside are exactly the same as the circuits we build and
>     sell. In order
>     > to make sure that our boards cannot be compromised during
>     shipping we make
>     > sure that the internal firmware load is signed and cannot be
>     spoofed.
>
>     I am curious if there's any evidence that avalanche diodes and Zigbee
>     receivers are immune to outside influence (one would've thought not in
>     the case of the receiver, at least, which is designed to be influenced
>     by the outside)?
>     _______________________________________________
>     cryptography mailing list
>     cryptography at randombit.net <mailto:cryptography at randombit.net>
>     http://lists.randombit.net/mailman/listinfo/cryptography
>
>
>
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
Nuk isn't very flexible.  So the product is original.


-- 
Kevin



---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20141216/89b61947/attachment-0001.html>


More information about the cryptography mailing list