Date: Thu, 25 Mar 2010 20:11:04 +0000
From: Rob Kendrick
To: gentoo-hardened@lists.gentoo.org
Subject: Re: [gentoo-hardened] Bought an "entropy-key" - very happy
Message-ID: <20100325201104.77d1c310@trite.i.flarn.net.i.flarn.net>

On Thu, 25 Mar 2010 15:23:52 -0400 (EDT)
lists@m8y.org wrote:

> Right, he simply turned /dev/random into /dev/urandom.
> I was under the impression the entropy key was simply a fancy PRNG.
> Now that I know it offers true randomness, I'm more impressed. Also
> curious exactly what it uses as a source.

From http://www.entropykey.co.uk/tech/:

"The Entropy Key uses P-N semiconductor junctions reverse biassed with
a high enough voltage to bring them near to, but not beyond, breakdown
in order to generate noise. In other words, it has a pair of devices
that are wired up in such a way that as a high potential is applied
across them, where electrons do not normally flow in this direction and
would be blocked, the high voltage compresses the semiconduction gap
sufficiently that the occasional stray electron will quantum tunnel
through the P-N junction. (This is sometimes referred to as avalanche
noise.) When this happens is unpredictable, and this is what the
Entropy Key measures."

It's a pretty standard trick.  What's special is that it uses two, and
mixes the contents together, and so it can detect when one fails.  Oh,
and its price.  (Other, much less sophisticated devices, cost as much
as ten times more and are toys in terms of their security against
attack.)

B.
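An added example, not part of the message above and not the Entropy Key's firmware: a sketch of why two mixed noise sources need a per-source health check, since the XOR of a healthy source and a stuck one still looks random at the output. It assumes XOR as the mixer and swaps in the repetition count test from NIST SP 800-90B as the failure detector; all names and the sample data are constructed for illustration.

```python
import math
import random

def rct_cutoff(h_min_bits, alpha_exp=20):
    """SP 800-90B repetition count cutoff: C = 1 + ceil(-log2(alpha) / H), alpha = 2**-alpha_exp."""
    return 1 + math.ceil(alpha_exp / h_min_bits)

class RepetitionCountTest:
    """Flags a source that emits the same sample too many times in a row."""
    def __init__(self, cutoff):
        self.cutoff = cutoff
        self.last, self.run, self.failed = None, 0, False

    def feed(self, sample):
        if sample == self.last:
            self.run += 1
        else:
            self.last, self.run = sample, 1
        if self.run >= self.cutoff:
            self.failed = True  # latched: a failed source stays failed
        return not self.failed

def mix_two_sources(samples_a, samples_b, h_min_bits=1.0):
    """XOR paired samples, testing each source BEFORE mixing.
    Returns (output, name of failed source or None); output stops at the failure."""
    cutoff = rct_cutoff(h_min_bits)
    test_a, test_b = RepetitionCountTest(cutoff), RepetitionCountTest(cutoff)
    out = []
    for a, b in zip(samples_a, samples_b):
        ok_a, ok_b = test_a.feed(a), test_b.feed(b)
        if not ok_a:
            return out, "A"
        if not ok_b:
            return out, "B"
        out.append(a ^ b)
    return out, None

def constructed_demo():
    # Constructed stand-in for junction noise; random.Random is NOT an entropy source.
    rng = random.Random(2010)
    healthy = [rng.getrandbits(8) for _ in range(200)]
    stuck = [rng.getrandbits(8) for _ in range(100)] + [0x00] * 100  # B sticks at 0
    return mix_two_sources(healthy, stuck, h_min_bits=1.0)

if __name__ == "__main__":
    out, failed = constructed_demo()
    print(f"emitted {len(out)} mixed samples, failed source: {failed}")
```

Testing only the mixed output would miss the fault, because the healthy source alone keeps the XOR looking random.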