[cryptography] Kernel space vs userspace RNG

David Johnston dj at deadhat.com
Thu May 12 23:18:28 EDT 2016


On 5/9/2016 2:01 AM, Luca Testoni wrote:
> On 06/05/2016 18:12, Kevin wrote:
>> I may be way off but it seems to me that a colonel level RNG can only
>> pick up entropy from boot which means hardware noise.  Isn't that easy
>> to beat with an acoustic attack?  Maybe user space is a bit better
>> because you have more entropy to be gathered.
> Hi all, first time here
> Recently i've presented my thesis based on TRNG.
> I've made a circuit oscillator based on Chua's circuit that produce RN
> and pass the FIPS 140-2 test.
>
> The Phisical phenomenon that produce entropy in that case is the random
> oscillation of the tension inside the circuit.
>
Are you able to share the thesis?

Chua's circuit is next to useless in silicon for the usual reasons:
1) Inductors, capacitors and resistors are a problem in silicon.
2) We don't have a decent model of chaotic systems from which we can 
derive min entropy.
3) Confusing chaos for entropy is not necessarily the right thing to do.

But to some of us, all entropy sources are interesting.




More information about the cryptography mailing list