[PYTHON-CRYPTO] CSPRNG schemes : Any comments?

Bryan Mongeau bryan at EEVOLVED.COM
Fri Feb 16 08:51:35 CET 2001


> IIRC, they do (the Intel i810 random number generator; the Linux kernel has
> a driver).  Nobody trusts them, Intel, you know...

LOL. This is cool. If only more mobo manufacturers would adopt this attitude
towards security right at the hardware level, it would save us all a lot of
headaches. :)  Aren't these RNGs also very cheap to produce?

> To get the second goal, you should use some well-understood bit-maching
> scheme such as a stream cipher or block cipher in OFB mode.  You need to
> feed it real randomness at regular intervals, just like you need to re-key
> connections at regular intervals; for this you need real randomness.  You
> might as well let the real randomness collect in a hash context (as yarrow
> does).

OFB mode? The reference ( rijndael-alg-fst.c ) implementation I obtained
supports only ECB, CBC and CFB. Is it an incomplete implementation?  I got it
straight from the site... :(

> Most real RNGs (lavarand, disk seek latency, keyboard intervals, etc.)
> provide far too few random bits to use straight except for the most
> demanding applications.  So you would be feeding them into a CSPRNG anyway.
> If all you want is a CSPRNG, run AES in OFB mode.

This got me thinking. Lavarand is a cool concept (and the guys are funny too)
but it would be cooler to distribute that entropy securely over the net.
Unfortunately all an attacker would need is a sniffer to guess that entropy.
But what if a secure connection can be established (SSL), the entropy tapped
and the connection closed. Then that entropy could be considered unguessable
by an attacker, no? A CSPRNG could be seeded and bingo... unguessable
internal state.  I can imagine a giant hardware RNG farm on the net with
simple https set up would get this working quickly. A business model selling
entropy perhaps? Anyone see a flaw in this?

Regards,
--
<==================================>
Bryan Mongeau
Lead Developer, Director
eEvolved Real-Time Technologies Inc.
http://www.eevolved.com
<==================================>

"I want to know God's thoughts; the rest are details."-- Einstein
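An added example, not code from this thread, and in Go rather than Python only because Go's standard library ships AES: OFB mode is nothing more than the recurrence O_i = E_k(O_{i-1}) run on the cipher's raw single-block (ECB) encryption, which is why an ECB-only reference implementation is enough to build the AES-OFB CSPRNG the quoted reply describes, including the periodic feeding of real randomness. The type and method names (OFBGenerator, Reseed) are my own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)
// OFBGenerator builds a CSPRNG from a cipher offering only single-block (ECB)
// encryption: O_0 = IV, O_i = E_k(O_{i-1}); the O_i are the OFB keystream.
type OFBGenerator struct {
	block cipher.Block
	state []byte // O_{i-1}; holds the IV until the first block is produced
	pos   int    // bytes of state already handed out
}
// NewOFBGenerator seeds from an AES key and a 16-byte IV; both must be real randomness.
func NewOFBGenerator(key, iv []byte) (*OFBGenerator, error) {
	b, err := aes.NewCipher(key)
	if err != nil || len(iv) != aes.BlockSize {
		return nil, fmt.Errorf("bad key or iv: %v", err)
	}
	return &OFBGenerator{block: b, state: append([]byte(nil), iv...), pos: aes.BlockSize}, nil
}
// Read fills out with pseudorandom bytes, one block encryption per 16 bytes.
func (g *OFBGenerator) Read(out []byte) {
	for i := range out {
		if g.pos == len(g.state) {
			g.block.Encrypt(g.state, g.state) // O_i = E_k(O_{i-1}), in place
			g.pos = 0
		}
		out[i] = g.state[g.pos]
		g.pos++
	}
}
// Reseed is the periodic re-keying the reply asks for: the new AES-256 key is
// SHA-256(entropy || state), so an old key tells nothing about later output.
func (g *OFBGenerator) Reseed(entropy []byte) {
	k := sha256.Sum256(append(append([]byte{}, entropy...), g.state...))
	g.block, _ = aes.NewCipher(k[:]) // 32-byte key: cannot fail
	g.pos = len(g.state)             // restart the recurrence under the new key
}

func main() {
	seed := make([]byte, 48) // stand-in for a hardware RNG: 32-byte key + 16-byte IV
	rand.Read(seed)
	g, _ := NewOFBGenerator(seed[:32], seed[32:])
	out := make([]byte, 32)
	g.Read(out)
	fmt.Printf("%x\n", out)
}
```

Seeding from a fixed or guessable value defeats the whole construction; the key and IV together are the secret, and Reseed only adds to the state, never replaces a weak seed with a strong one retroactively.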
