>OneRNG is an entropy source / hardware random number generator (HWRNG), designed to be connected via USB to your computer.
>Entropy is collected from an avalanche diode circuit and optionally an RF circuit, whitened and presented over a USB/Serial connection.
>The provision of entropy to your computer system is critical for any software security system to be effective. There are many potential sources of entropy, but the majority of them are susceptible to biases & attacks that can result in the subversion of your privacy & security. Many of these attacks are undetectable in normal working conditions.
>In order to address these problems, we present OneRNG. This is deliberately a simple device, which means that instead of having to blindly trust the hardware you are attaching to your computer, you have the ability to verify that the software and hardware of this device is to your standards.
>We are not aware of any other equivalent device that promotes this essential feature of security for you, the user.
TLDR: hardware level random number generator which is better than default because CPUs in a post NSA world have backdoors to make predictable encryption keys.
A good entropy source or hardware RNG is a worthwhile investment for any crypto enthusiast. It's also a nice DIY project. Connect it via RS232 and you don't have to trust a USB controller.
>components large enough to inspect with the naked eye
Sounds good. But with Intel ME and system management mode (386+), attackers have a slight chance to read your plaintext before it even gets encrypted. This device is only useful in conjunction with airgapped computers.
TRNGs are fun to play with, and have plenty of applications. For typical security (including key generation) don't bother. But for key generation en masse, ensuring multiple VMs have enough entropy in a server, or custom applications where a non-blocking supply of statistically random bits—or as close as you can get to this ideal—are needed, they are a worthy choice.
However most TRNGs have low throughput and are pretty shit without whitening. If you're going to bother at all imo, the BitBabbler "White" is what you want. Their website is worth a read even if you decide to go with another device: http://www.bitbabbler.org/
>>2873 open hardware spec is a worthy internet community pursuit. but, practically speaking, most people are nowhere near informed enough to discern an authentic component from a "compromised" one. more importantly, one should thoroughly test TRNGs on occasion to verify their operational fitness. even a common suite like dieharder will tell you more about the suitability of your hardware for security than eyeballing the circuit ever will, and will quickly root out a malfunctioning or compromised TRNG.
>>2875 You're supposed to verify against the schematics distributed by the original designer to make sure it hasn't been tampered with in transit. Multiple people with enough knowledge can verify that the original designer wasn't malicious.
>>2916 Intel almost certainly tampers with their CPU entropy sources (rdrand, etc.) and all that's needed to combat that is a better entropy source. I think you can mix "good" entropy with compromised and get something almost as useful.
>>3047 I'm referring to compromising the entropy sources used by specific individuals or a small group. With numerous other attack surfaces likely available possibly enabling just scooping up your data in the clear, they're generally not going to bother with your random number generators and keys.
There's no question that Intel's RDRAND sucks. But, honestly, homemade (DIY) entropy sources are generally worse than RDRAND. And many of the common off-the-shelf devices aren't great, either. But as you say: having one "good" source mixed in to the pool can do much to mitigate the problem.
>>3048 >having one "good" source mixed into the pool can do much to mitigate the problem
Therefore, randomness should be obtained from as many sources as possible. Diversity is our strength.
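The mixing idea discussed in the posts above, as an added example that is not code from OneRNG, any kernel, or any poster in this thread. `EntropyPool`, `key_from` and the source labels are hypothetical names, and `KNOWN` is a constructed stand-in for a source whose output an observer can predict.

```python
import hashlib
import os

class EntropyPool:
    """Hash-based pool: every contribution is folded into a 32-byte state."""

    def __init__(self):
        self._state = bytes(32)

    def add(self, label, data):
        h = hashlib.sha256(b"add" + self._state)
        # Length prefixes keep ("a", b"bc") distinct from ("ab", b"c").
        for field in (label.encode(), data):
            h.update(len(field).to_bytes(4, "big") + field)
        self._state = h.digest()

    def extract(self, n=32):
        out, counter = b"", 0
        while len(out) < n:
            block = b"out" + self._state + counter.to_bytes(4, "big")
            out += hashlib.sha256(block).digest()
            counter += 1
        # Ratchet the state so a later state leak does not reveal this output.
        self._state = hashlib.sha256(b"next" + self._state).digest()
        return out[:n]

def key_from(sources):
    """Feed (label, data) pairs into a fresh pool and draw a 32-byte key."""
    pool = EntropyPool()
    for label, data in sources:
        pool.add(label, data)
    return pool.extract(32)

# Constructed sample: a source whose output is fully known in advance.
KNOWN = ("cpu", bytes(16))

if __name__ == "__main__":
    print("known source only   :", key_from([KNOWN]).hex())
    print("known source + hwrng:", key_from([KNOWN, ("hwrng", os.urandom(16))]).hex())
```

With only the known source the key is reproducible by anyone who knows that source; adding a single unpredictable contribution changes the whole output.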
>>3081 >>3082 These look like really fun projects, but note some troubling comments regarding the performance of these circuits that might be worth keeping in mind if you decide to build them: https://forum.arduino.cc/index.php?topic=161682.0
>It seems that the raw signal doesn't follow the uniform distribution whatsoever and whitening is necessary.
>After thorough shuffling and hashing using SHA-1 along the lines of the LavaRnd, ent shows that /dev/random on MacOSX totally outperforms my generator.
Even after refinements based on input from others:
>Finally, this is the histogram of the voltage values which looks not too different from the normal distribution
I would approach these projects with the assumption that more work (possibly a lot more work!) will probably be needed to make these good sources.
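What whitening does to a biased raw signal, measured with the bits-per-byte entropy figure that `ent` reports, as an added example that is not from the thread or the linked forum. The raw source is a constructed, seeded simulation of independent bits with P(1) = 0.7; von Neumann debiasing is one simple whitening step and assumes the bits are independent.

```python
import math
import random
from collections import Counter

def biased_bits(n, p_one, seed):
    """Constructed stand-in for a raw noise source: independent bits, P(1) = p_one."""
    rng = random.Random(seed)  # seeded so the run is repeatable
    return [1 if rng.random() < p_one else 0 for _ in range(n)]

def von_neumann(bits):
    """Take bits in pairs: 01 -> 0, 10 -> 1, while 00 and 11 are discarded."""
    return [a for a, b in zip(bits[0::2], bits[1::2]) if a != b]

def pack_bytes(bits):
    """Pack bits into bytes, dropping an incomplete final byte."""
    usable = len(bits) - len(bits) % 8
    return bytes(
        int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, usable, 8)
    )

def ones_fraction(bits):
    return sum(bits) / len(bits)

def byte_entropy(data):
    """Shannon entropy estimate in bits per byte (8.0 is the maximum)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def report(p_one=0.7, n=400_000, seed=1):
    raw = biased_bits(n, p_one, seed)
    white = von_neumann(raw)
    return {
        "raw_ones": ones_fraction(raw),
        "white_ones": ones_fraction(white),
        "raw_entropy": byte_entropy(pack_bytes(raw)),
        "white_entropy": byte_entropy(pack_bytes(white)),
        "yield": len(white) / len(raw),  # whitening costs throughput
    }

if __name__ == "__main__":
    for name, value in report().items():
        print(f"{name:14s} {value:.4f}")
```

The yield figure shows the price: at this bias roughly four out of five raw bits are thrown away, which is one reason raw throughput matters when comparing devices.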
Getting some randomness in the mix on a general purpose personal system is not a problem, a radio receiver hopping across the spectrum is probably enough. Cracking the math isn't needed when there are easier methods to bug or intimidate the average citizen, and persons of interest usually have access to countermeasures. It's dedicated systems like shared servers that need both quantity and quality of randomness ad-hoc solutions don't provide. Also, radio reception isn't that good in data centers. One trick might be using number crunching in servers themselves, as future server motherboards can have diversions on high frequency data lines that generate random data to be used on dedicated shared randomness generation and distribution network.
I have recently started studying cryptography and implementing some algorithms in C.
I am interested in ways of manually obtaining high-quality entropy programmatically
(i.e. the way TrueCrypt had the user randomly move their mouse around a window).
I don't have any experience programming GUIs, but I suppose I could try a similar
approach. Any tips on where I should begin or how I should try going about this?
>>3361 > programmatically
> user randomly move their mouse
> programmatically
You do understand user input is not a part of your program, don't you? That option may also be absent.
You can easily get a stream of X and Y coordinates of mouse pointer, then read something on hashing it to make distribution uniform, and something on assessing its amount of randomness.
However,
> I have recently started studying cryptography and implementing some algorithms in C.
You need to read way more important articles.
>TLDR: hardware level random number generator which is better than default because CPUs in a post NSA world have backdoors to make predictable encryption keys.
That's not how it works. /thread
The Simplest Of Pseudo Random Number Generators
>A truly random number is something that is surprisingly difficult to generate. A typical approach is to generate the required element of chance from a natural and unpredictable source, such as radioactive decay or thermal noise. By contrast it is extremely easy to generate numbers that look random but in fact follow a predictable sequence. A shift register with feedback through an XOR of its output and one of its stages will produce a continuous stream of pseudo-random bits that repeat after a set period.
>[KK99] has created the simplest possible pseudo-random binary sequence generator, using a three-bit shift register. It’s realised on a pleasingly retro piece of perfboard, with a CD4047 as clock generator and a 74HC164 shift register doing the work. Unusually the XOR gate is made from discrete transistors, 2N3053s in bulky TO39 packages, and for a particularly old-fashioned look a vintage HP LED display shows the currently generated number. A relatively useless pseudo-random sequence with a period of seven bits is the result, but the point of this circuit is to educate rather than its utility. You can see it in operation in the video below the break.
https://hackaday.io/project/164952-pseudo-random-number-generator
>We had a demonstration of the dangers of using a pseudo-random sequence back in 2016. The German military cipher nicknamed “Tunny” by British codebreakers relied upon a mechanical sequence generator, and the tale of its being cracked led to the development of Colossus, the first stored-program electronic computer.
https://hackaday.com/2016/08/23/colossus-face-to-face-with-the-first-electronic-computer/
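A software model of the three-bit shift register described above, as an added example that is not taken from the linked project. The page does not give the circuit's tap positions, so feeding back the XOR of the output stage and the middle stage is an assumption; the function names are hypothetical.

```python
def step(state):
    """Shift once: new first stage = output stage XOR middle stage (assumed taps)."""
    s0, s1, s2 = state
    return (s1 ^ s2, s0, s1)

def lfsr_bits(state, n):
    """Return n output bits, reading the last stage before each shift."""
    out = []
    for _ in range(n):
        out.append(state[2])
        state = step(state)
    return out

def period(state):
    """Number of shifts until the register returns to its starting state."""
    seen, count = step(state), 1
    while seen != state:
        seen, count = step(seen), count + 1
    return count

def predict_next(observed, n):
    """Continue the stream from any 3 consecutive output bits.

    With these taps every output obeys o[t+3] = o[t] XOR o[t+1], so three
    observed bits determine the rest of the sequence.
    """
    bits = list(observed)
    for _ in range(n):
        bits.append(bits[-3] ^ bits[-2])
    return bits[3:]

if __name__ == "__main__":
    stream = lfsr_bits((1, 0, 0), 21)
    print("output :", "".join(map(str, stream)))
    print("period :", period((1, 0, 0)))
    print("all-zero state period:", period((0, 0, 0)))  # lock-up state
    guess = predict_next(stream[4:7], 14)
    print("prediction matches:", guess == stream[7:21])
```

The all-zero state never leaves itself, which is why such a register has to be seeded with a non-zero value, and the prediction check is the reason a sequence like this is educational rather than a source of keys.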
>>3617 >We had a demonstration of the dangers of using a pseudo-random sequence back in 2016.
Another problem is pollution of the results through non random noise, hum, frequency shifts etc. The noise of CCD chips isn't random either and individual for every piece.
The hum that helps to fight crime
For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.
It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air.
Forensic scientists are asked to establish whether digital recordings are genuine
Rebecca Morelle looks at forensic audio and phonetics on Frontiers on Wednesday 12 December 2100 GMT on Radio 4
Or listen later on iPlayer
"The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.
Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.
http://archivecaslytosk.onion/yAMtW
>>3653 Not sure if it's true that there will be actual soundwaves that are easily detectable by ordinary microphones, but I once detected the powerline frequency by plugging in a super long audio cable to my computer. Audacity showed some white noise although there was nothing connected at the other end.
That's obviously journalistic interpretation. Interference from the mains is a well known pain in the ass of recording studio engineers.
Most onboard audio cards are shitty not because of DAC quality (which is OK, you'd have to search for improper components as the ones that are mass-produced are cheap enough), but because the lines to the audio chip and from the chip to the jack catch interference from everything else inside the case. Therefore, if you record audio from the mic, that noise is also there. On the other hand, modern consumer-oriented software tends to have noise gate and compression filters that remove it.
I doubt a regular wall socket hums at 50 Hz. Transformers (e.g. for outdoor lamps) sure can hum.
>>3665 You could have been picking up the signal from a radio station. I've been able to hear one (very faint) when using headphones. I suspect the length of the cable, coincidentally, may be tuned to a certain frequency that the radio station uses.
>Avalanche Noise Generator Notes
>Good sources of entropy (noise) are an essential part of modern cryptographic systems. I designed a mobile-friendly avalanche noise generator as part of the background work I’ve been doing for the betrusted project (more on that project later). I had to do a new design because the existing open-source ones I could find were too large and power hungry to integrate into a mobile device. I also found it hard to find solid theory pieces on avalanche noise generators, so in the process of researching this I wrote up all my notes in case someone needs to do a ground-up redesign of the system again in the future.
http://onerng.info/
Worth it or naw?