How to be unpredictable in a deterministic world
Jim Cheetham
OneRNG.info
Information Security Office, University of Otago, NZ
<jim.cheetham@otago.ac.nz>
Examples of secrets in computer security:
Given the same input conditions, we require hardware and software to produce the same output.
Measuring the environment external to the computer to achieve local unpredictability
By default, OneRNG measures unpredictable physical events from an avalanche diode circuit and returns the results — but there are biases
You can also enable the RF monitor to get another source of entropy data with a higher quality — but at the cost of a little paranoia
This raw data is then whitened through a CRC16 function which makes it good enough to be fed into your system
There is an AES hardware module available, but it is not used by the default firmware (trust issues)
There's a 7.5KB pool of data that is kept full
New data is mixed in over the old data all the time
An LED on the board tells you when the pool is full and warns you when it is getting empty
Output
The output from OneRNG should be used as an entropy input to your existing systems (preferably the OS)
We provide ~7.5 bits of entropy per byte of data
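An added illustration (not OneRNG firmware and not code from the talk) of why biased raw data is whitened and how a bits-per-byte figure can be estimated. The biased source is simulated with a seeded PRNG, and the CRC variant (CRC-16/CCITT), the 8-byte block size and the chaining are assumptions, since the page does not describe the firmware's scheme.

```python
import math
import random
from collections import Counter

def crc16_ccitt(data: bytes, crc: int = 0xFFFF) -> int:
    """Bitwise CRC-16/CCITT (polynomial 0x1021), continuing from state `crc`."""
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = ((crc << 1) ^ 0x1021) if crc & 0x8000 else (crc << 1)
            crc &= 0xFFFF
    return crc

def biased_source(n_bytes: int, p_one: float = 0.7, seed: int = 1) -> bytes:
    """Constructed stand-in for a biased raw stream: each bit is 1 with probability p_one."""
    rng = random.Random(seed)  # simulation only; a PRNG is not an entropy source
    out = bytearray()
    for _ in range(n_bytes):
        b = 0
        for _ in range(8):
            b = (b << 1) | (rng.random() < p_one)
        out.append(b)
    return bytes(out)

def whiten(raw: bytes, block: int = 8) -> bytes:
    """Assumed scheme: fold each block of raw bytes into a running CRC16, emit the 16-bit state."""
    out = bytearray()
    crc = 0xFFFF
    for i in range(0, len(raw) - block + 1, block):
        crc = crc16_ccitt(raw[i:i + block], crc)
        out += crc.to_bytes(2, "big")
    return bytes(out)

def bits_per_byte(data: bytes) -> float:
    """Shannon estimate from the byte histogram: an upper bound that only sees first-order bias."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def compare(n_bytes: int = 65536):
    """Return (raw estimate, whitened estimate) in bits per byte."""
    raw = biased_source(n_bytes)
    return bits_per_byte(raw), bits_per_byte(whiten(raw))

if __name__ == "__main__":
    raw_est, white_est = compare()
    print(f"raw: {raw_est:.2f} bits/byte, whitened: {white_est:.2f} bits/byte")
```

Whitening spreads the bias out but does not create entropy, which is why the assumed scheme consumes 8 raw bytes for every 2 bytes it emits.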
The user controls the choice of sources
The user controls the use of Whitening
The user controls where the results go
Scripts on your server should do steps 2,3 & 4 on startup
How do we go from a design to an actual product?
To get volume production set up, we used Kickstarter with an NZD$10,000 target over 45 days
Rewards Options
We offered combinations of:
/dev/random
/dev/random block?
Ted Ts'o, 2015: “… the paranoiacs were *right* that the NSA had introduced a back-door into a crypto algorithm which they gifted to the civilian world. It just turned out to be DUAL-EC instead of SHA-1.”
/dev/urandom :-)
/dev/random and /dev/urandom?
/dev/urandom doesn't block; /dev/random does”
/dev/urandom
/dev/urandom
/dev/urandom
/dev/random?
/dev/urandom, not all your legacy code does
/dev/random run faster?
"Any one who considers arithmetical methods of producing random digits is, of course, in a state of sin."
Example with 4-digit seed:
Presentation resources :-
Software - reveal.js, hosted on GitHub
Icons used are from The Noun Project, licensed under http://creativecommons.org/licenses/by/3.0/us/
Arrow and Bent Arrow by Thomas Le Bas, Dice by Weston Terrill, Toothbrush, Radio by Joe Harrison, Avalanche by Louis Dawson, Swimming Pool by Sitara Shah, Clock by Nick Green, Guy Fawkes by Christopher T. Howlett, Pac-Man by Luigi Di Capua, Surveillance by Luis Prado, Audit by Miroslav Koša, Skydiving by Juan Pablo Bravo, CPU by iconsmind.com, Certificate by Alex Auda Samora, Incognito by Alen Krummenacher, Layers by Cornelius Danger, Search by Melvin Salas, Infographic by Rob Gill, Seed Packet by Anton Gajdosik (Public Domain)
RANDU visualisation from Wikipedia's RANDU page
OneRNG photos from Jim Cheetham and Paul Campbell