[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Raspberry pi safe?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 04/15/2015 02:05 AM, Cathal (Phone) wrote:
> Personally I'd draw from several sources to feed /dev/random: an
> internal hash-chain (quick Python script) (re)seeded on a password
> and urandom periodically, the hardware entropy generator, Ubuntu's
> seed server.. don't trust one source, mash them up once a
> minute/hour and feed them to /dev/random.
I've gotten some success with a USB enabled Geiger counter
(https://www.sparkfun.com/products/11345). A little Python was used
to open the USB serial device and measure the amount of time that
passed in between characters being emitted, hash them, and cat the
hashes into /dev/random to give the kernel pool a little more to work
with. The unit's pretty large (larger than the RasPi) and needs a
housing of some kind to really protect it. I wouldn't use it for an
HSM but for experimenting at home it works decently well. Now I just
need to get around to learning SciPy to profile the output of
/dev/urandom for biases...
- --
The Doctor [412/724/301/703/415] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/
PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/
Good enough is the enemy of the best.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVLqfpAAoJED1np1pUQ8RkQXkP/i22Gu/cum2rTJEIxJpy2FAk
QML6bkLFUC5irii+lvZWppAgCjZ/08sI4R0CVN8HNsiJ4YsZnmvcQSb6uiOZ2h7v
YdYBlyb1g8xJZo3GYNyiZ/VaUvGIxa9tx9vBVBNTupQ/zvGIdlYxPsKFa8X8uqNX
PgcECa1jO7+sZ+IRbZ2csv3xNVJ9zoQ71SrYrIbTFAl93DJUpwFKqGyoybg5xlk3
4FJ1Fxjataa/VyHg0D02luWehxaoasvaKBbv9Jjuri5dPK4dJFJ87/zpE5GsDJD0
SxvWpK9zoss0XdQ1mgPD9/sRUvz38EjeAtIwUaci6UYEGlAR+CIabHdmvK8ozfqa
UKLQ0kUA64KyBt7pZqMR/mPRRqhQwNPoZ+IkO980kcD8/560FLK75Bt8YuunwpUp
xMRmt4peHFNoYGrtPkacuvJQ2tgxt+fqVpWEV75MO185pYdBCpEiFVc9vb1SSgJA
dKS6JNR38veYC4t1xemWnJWIrB75eDV6iPsLTy2kPP5JwQQjbUDBmIn4HD1NUgLk
WVE24trMo804+Ez37Avkgi1c1b8lTcP2BT2NL4c43tkcWZvi6ztp+15F6Yc/2ml2
zFSlEiAqgIilptHN3pY6UlAAej+B0ATRDisWjsRqFx9eM//oB/gicxDA+s4QyLJX
fNu4HtxeKg7b97Ss1xaE
=waFj
-----END PGP SIGNATURE-----