When no radioactive decay is available and good entropy is strongly advised for security reasons you experience a real problem. HTTPS connections consume a lot of entropy. If you have thousands of them per hour between machines low on good entropy (like deprived Web Servers at 4 o'clock am), your HTTPS (wget) poisen's your entropy pool. 'You become a victim of a 12 year old script kid'.
If I run Deezer (music) all the time, my entropy_available ['cat /proc/sys/kernel/random/entropy_available' when 'poolsize' in the same directory is 4096 should be full! 4096.] still went's down till I do some keystrokes. Then it jumps up more or some times less. I have no real good source of entropy here (only my selves - and even humans are deterministic). I am searching for a easy and cheap solution for 2 web crawler's 24 hrs online in a 'office' like setup. They ping each other and the router to distribute the (bad) entropy. I think of writing log's using a serial dot matrix printer to gather entropy mechanically (very noisy). The Sound Card Microphone is no good source of entropy. Short Wave Noise is as bad as a Microphone. The Bit rate is much higher on Short Wave. You can gather only 'White Noise' in this way. It's like playing the same 10 song's on Deezer's auto play for Years and Years. So Hardware without radioactive decay can't work on it's own. You need a thing to mix it with. This thing is GOOD entropy. Any experience with bad/poisened entropy on Linux?
Asked
Active
Viewed 195 times
-3
-
Consider the concept of "consuming" entropy debunked for Linux random/urandom. – anx Mar 31 '19 at 15:30
-
Yes - 'how to gather good entropy' is the real question. /dev/random is writable. – Andreas Karatassios-Peios Mar 31 '19 at 16:28
1 Answers
3
Would you consider an entropy-gathering daemon like haveged?
See: Is it appropriate to use haveged as a source of entropy on virtual machines?
Or a low cost hardware device?
ewwhite
- 197,159
- 92
- 443
- 809
-
The problem are the script kid's using e.g a Graphic card with 2048 render pipelines (CUDA) for braking your encryption. This small stick uses USB Power. They use 250 W Power with water cooling. Who wins? True entropy needs the Universe (our Sun is only one Star) as Power Supply to be broken. – Andreas Karatassios-Peios Mar 31 '19 at 04:18
-
1Little power is required to amplify avalanche noise off a circuit. https://eprint.iacr.org/2016/884.pdf If you do manage to break modern crypto with a single GPU, Security Stack Exchange will be very interested. – John Mahowald Mar 31 '19 at 12:27
-
Bruce Schneier Applied Cryptography 1996 showed many poor (by design) crypto's. – Andreas Karatassios-Peios Mar 31 '19 at 16:08
-
If you read German Wikipedia about Avalanche-Diode you see the term Schrot-Rauschen (engl. shot noise). It is a stochastic process. It can be described by a Poisson distribution. Poisson distribution is a form of a discrete Gauss distribution. Rain drops are a example for it. Poisson distribution was used in world war 2 to break Enigma (German cryptographic device) and I think Purple the Japanese one with Hollerith cards (IBM). (see Kahn - The Codebreakers). Two lines of natural 'engl.' text layered and 'added' -> poisson. Use man pages - shift them - add them -> poisson. Poor Entropy! – Andreas Karatassios-Peios Mar 31 '19 at 23:17
-
2Then rngd if you trust the RNG in your CPU, or haveged if you think CPU instruction timing is not predictable. These are easily deployed and fairly well understood. Please define your requirements if these do not meet them. – John Mahowald Apr 01 '19 at 14:11