:: Re: [DNG] ID Quantique "Quantum" PC…
Page principale
Supprimer ce message
Répondre à ce message
Auteur: Adam Borowski
Date:  
À: dng
Sujet: Re: [DNG] ID Quantique "Quantum" PCI-e RNG's - does anyone have more info?
On Sun, Nov 12, 2017 at 12:16:33PM +0000, Arnt Gulbrandsen wrote:
> When we say entropy and random numbers, we generally mean completely
> unpredictable.
>
> Intel's RDRAND, ekey, presumably ID-Quantique's solution and others rely for
> their entropy on quantum physics. If our understanding of quantum physics is
> correct, then by constructing such and such circuits, a certain bit flickes
> unpredictably between 0 and 1.


This assumes it indeed works as advertised. It's too easy to subvert and to
make your CPU produce a sequence that's fully predictable by Intel and
anyone they share their secrets with (ie, three letter agencies) but which
you can't distinguish from honest randomness.

> The linux kernels' u/random relies on math. According to fairly well
> understood areas of math, an observer who sees the output cannot predict
> future output.
>
> Havege relies on complexity. It says that somes system can be too complex to
> understand, that modern computers are such systems, and so measuring some
> aspects of the system produces a stream of completely unpredictable numbers.
> (It also uses testing to find out which aspects will do.)


Both the kernel and havege are fully auditable code. While in principle the
CPU can subvert any code it runs, this would be drastically harder than to
alter a black box.

> According to your descriptions of what you want (Taiidan), the middle is the
> right one for you: It's essentially 100% open source and the others require
> you to trust either quantum physics or that impossible complexity is
> commonly available. You may not understand either the math or the C but both
> are accessible to you.


The best solution is to use two or three of these sources. As long as you
mix them using an unbroken one-way function, a malicious entropy source
can't do anything worse than supply 0 entropy.


Meow!
--
⢀⣴⠾⠻⢶⣦⠀ Laws we want back: Poland, Dz.U. 1921 nr.30 poz.177 (also Dz.U.
⣾⠁⢰⠒⠀⣿⡁ 1920 nr.11 poz.61): Art.2: An official, guilty of accepting a gift
⢿⡄⠘⠷⠚⠋⠀ or another material benefit, or a promise thereof, [in matters
⠈⠳⣄⠀⠀⠀⠀ relevant to duties], shall be punished by death by shooting.