Full Disclosure mailing list archives
Re: how i stopped worrying and loved the backdoor
From: coderman <coderman () gmail com>
Date: Sat, 25 Dec 2010 14:57:04 -0800
On Sat, Dec 25, 2010 at 2:12 PM, <cpolish () surewest net> wrote:
... Check out Markus Jacobsson et al, "A Practical Secure Physical Random Bit Generator", 1998, using the turbulence of airflow inside the drive as the source of randomness. Can't do much better than that.
how much turbulence does my SLC FDE make? the reason i prefer on die is that pre-boot operations and/or host init can make use of these sources via built-in facilities without need for additional drivers to external devices that may in turn require bus initialization and interrupt allocation, and so on, etc. likewise, if bootstrapping a secure network requires strong random numbers a network based entropy distribution setup to hosts without their own physical sources is not so useful for that task. there are many other considerations weighting toward on-die implementations, like clock and sample rates, but proper hardware entropy engineering is a verbose tangent way too long for this already meandering discussion... [0] :) 0. if you're really curious, check out Cryptographic Hardware and Embedded Systems proceedings, any hw design texts by authors of these proceedings, and then you'll know what your known unknowns are and can brazenly blaze forward into the esoteric or halt early satisfyingly convincing yourself that you could give two shits about what it takes to build proper kit. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: how i stopped worrying and loved the backdoor, (continued)
- Re: how i stopped worrying and loved the backdoor coderman (Dec 24)
- Re: how i stopped worrying and loved the backdoor BMF (Dec 24)
- Re: how i stopped worrying and loved the backdoor Dan Kaminsky (Dec 24)
- Re: how i stopped worrying and loved the backdoor Marsh Ray (Dec 24)
- Re: how i stopped worrying and loved the backdoor Marcio B. Jr. (Dec 24)
- Re: how i stopped worrying and loved the backdoor BMF (Dec 24)
- Re: how i stopped worrying and loved the backdoor cpolish (Dec 25)
- Re: how i stopped worrying and loved the backdoor BMF (Dec 25)
- Re: how i stopped worrying and loved the backdoor Dan Kaminsky (Dec 25)
- Re: how i stopped worrying and loved the backdoor coderman (Dec 25)
- Re: how i stopped worrying and loved the backdoor coderman (Dec 25)
- Re: how i stopped worrying and loved the backdoor coderman (Dec 25)
- Re: how i stopped worrying and loved the backdoor coderman (Dec 25)
- backtrack-linux.org hacked? Darren Thurston (Dec 27)
- Re: backtrack-linux.org hacked? Григорий Братислава (Dec 27)
- Re: backtrack-linux.org hacked? coderman (Dec 27)
- Re: backtrack-linux.org hacked? Dave Nett (Dec 27)
- Re: backtrack-linux.org hacked? Christian Sciberras (Dec 27)
- Re: backtrack-linux.org hacked? coderman (Dec 27)
- Re: how i stopped worrying and loved the backdoor Marsh Ray (Dec 26)
- Re: how i stopped worrying and loved the backdoor decoder (Dec 27)