Reply to post:

Boffin: Dump hardware number generators for encryption and instead look within


Yeah, that's exactly a limitation for the C prototype, and any C implementation of it for production.

(JV Roig here, cited paper author).

This isn't a limitation of my design. It's a C thing, and even Stephan Mueller's Jitter Entropy has the same caveat to never compile with optimizations.

However, I do have prototypes in other languages (Python3, Ruby, PHP), and those need no such hand-holding. They just run as is. (The siderand webpage that Tom linked contains all the prototypes and the measurement tools)

In fact, as of today, if you were to ask me what the ideal implementation would be in systems that support it, I'd choose Python. It's not significantly slower (we only need to seed rarely), and it makes the code directly and easily inspectable and auditable even in live environments.

Of course, embedded devices are limited to whatever their dev environment is (so, embedded C). In such cases, they just have to be careful to not compile the code for the seeder. I wish I could remove that small caveat completely, to avoid "oops!" moments, but so far I don't have a good alternative.
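Added example, not part of the comment above and not the siderand or Jitter Entropy code: a minimal Python sketch of the kind of timer-jitter seeder the comment describes, showing why an interpreted implementation has no "don't compile with optimizations" caveat (the timing loop is executed as written, so there is nothing for a compiler to elide). The low-byte truncation, the crude most-frequent-symbol min-entropy estimator, the 2x safety margin and the SHA-256 conditioning step are all assumptions chosen for illustration, not the paper's method.

```python
import hashlib
import math
import time
from collections import Counter


def collect_jitter_samples(n: int = 4096) -> list[int]:
    """Collect n raw timing deltas between consecutive timer reads.

    The *variation* in these deltas is the entropy source, not their value.
    Because this runs under an interpreter, the loop body is executed as
    written; a C compiler with optimizations could remove equivalent work.
    Assumption for illustration: keep only the low byte of each delta.
    """
    samples = []
    last = time.perf_counter_ns()
    for _ in range(n):
        # Small data-dependent work so the interval reflects cache and
        # scheduler state between two timer reads.
        sink = 0
        for k in range(8):
            sink ^= (last >> k) & 1
        now = time.perf_counter_ns()
        samples.append((now - last) & 0xFF)
        last = now
    return samples


def min_entropy_estimate(samples: list[int]) -> float:
    """Crude min-entropy estimate in bits per sample: -log2 of the most
    frequent symbol's empirical probability. This is optimistic, since it
    treats samples as independent, which raw jitter is not."""
    if not samples:
        return 0.0
    most_common_count = Counter(samples).most_common(1)[0][1]
    return -math.log2(most_common_count / len(samples))


def condition(samples: list[int]) -> bytes:
    """Compress the raw byte samples into a 256-bit seed with SHA-256."""
    return hashlib.sha256(bytes(samples)).digest()


def seed_from_jitter(target_bits: int = 256, n: int = 4096) -> bytes:
    """Collect, estimate, and refuse to seed if the estimate is too low.

    Assumption: require twice target_bits of estimated entropy as a margin
    against the estimator's optimism.
    """
    samples = collect_jitter_samples(n)
    estimated_bits = min_entropy_estimate(samples) * len(samples)
    if estimated_bits < 2 * target_bits:
        raise RuntimeError(
            f"insufficient estimated entropy: {estimated_bits:.0f} bits"
        )
    return condition(samples)


if __name__ == "__main__":
    seed = seed_from_jitter()
    print(seed.hex())
```

The estimator is only a sanity check, not a proof of entropy; a real deployment would apply a standardized health test to the raw samples and keep the raw-sample log for audit, which is exactly the inspectability argument the comment makes for an interpreted implementation.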
