[talk] [nycbug-talk] FreeBSD abandoning hardware randomness

Brian Cully bcully at gmail.com
Mon Nov 3 00:40:43 EST 2014


> On Nov 2, 2014, at 23:37, Isaac (.ike) Levy <ike at blackskyresearch.net> wrote:
> If you know a good way out of these issues without hardware interfaces
> to the "real and random" world, I'm all ears!

	Well, some (~20) years ago, I ran across a website run by a guy at CERN (IIRC) who had what amounted to a geiger counter in a well that was quite far down that had cesium decaying in it. He said to go ahead and use it, but please, not too much because it took too long to generate new bits.

	I was looking for that to give you an answer, and ran across this: https://www.fourmilab.ch/hotbits/ <https://www.fourmilab.ch/hotbits/>. Yes, it requires hardware, but the way I see it, you don’t need much of it. With a good PRNG, all you should need is a good seed to get good RNG (that’s the logic behind the urandom/random split, anyway). Assuming you don’t have to reboot too much, and you don’t empty the pool to quickly, you shouldn’t need many truly random seeds.

	Unfortunately, I don’t think we’re going to see many truly effective generators short of hardware in the future. The traditional sources of “random” have become so heavily commoditized (for good reason) that it’s not too hard to break them.

-bjc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nycbug.org/pipermail/talk/attachments/20141103/223be95b/attachment.html>


More information about the talk mailing list