Re: [Hampshire] OpenSSL in Debian is broken

Author: Hugo Mills
Date:  
To: p_alefounder, Hampshire LUG Discussion List
CC: 
Subject: Re: [Hampshire] OpenSSL in Debian is broken

gpg: Signature made Wed May 14 18:24:57 2008 BST
gpg: using DSA key 20ACB3BE515C238D
On Wed, May 14, 2008 at 05:12:57PM +0000, Peter Alefounder wrote:
> Hugo Mills <hugo@???> wrote:
> >    Basically, Debian managed to introduce a bug into their OpenSSL
> > packages a couple of years ago that made the "random" numbers it
> > generates predictable.
>
> Why are pseudo-random numbers used anyway? Is it beyond the wit of
> man to devise a bit of hardware that would produce genuine random
> numbers?
It's not, but the number of current consumer-grade machines that
have such hardware on them is pretty small.

> I am not an electronic engineer, but I understand that a
> Zener diode can be used to generate white noise. Perhaps one could
> be incorporated into a USB device with electronics to turn the
> noise into a stream of numbers that could be read as required, or
You can, I believe, buy USB HRNGs. You do need to have a daemon
running which scrubs and verifies the randomness of the device, though
-- if the device fails, or there's a bug in your device driver, having
it feed a continuous stream of zeroes to the software would be a Bad
Thing.

> maybe, if random numbers are so important, some such circuitry
> should become part of the standard architecture of PCs.
Intel had them on some of their motherboards (430 series, IIRC).
VIA CPUs have them embedded on the chip. That's about it for the
built-in stuff. And you still need to have something that verifies the
stream and corrects for bias (which slows it down considerably).

> On the other hand, no doubt someone who does know about these
> things can tell me why it's not practical...
It's practical -- I suspect it's not terribly cost-effective.

Hugo.

-- 
=== Hugo Mills: hugo@... carfax.org.uk | darksatanic.net | lug.org.uk ===
  PGP key: 515C238D from wwwkeys.eu.pgp.net or http://www.carfax.org.uk
      --- What's a Nazgûl like you doing in a place like this? ---
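Hugo's point about needing a daemon that scrubs and verifies a hardware source before anything trusts its output, shown as an added example that is not part of the original thread and is not rngd's code: a minimal health-test-then-debias pipeline in Python. The two health tests follow the shape of the NIST SP 800-90B continuous tests (repetition count catches a stuck source such as the all-zeroes failure Hugo mentions; adaptive proportion catches a heavily biased one), but the cutoffs used here are illustrative, not the tabulated values. Bias correction is von Neumann's pair-discarding scheme, which is why a conditioned stream is so much slower than the raw one. The "biased diode" input is a constructed SHA-256 chain thresholded at roughly 60% ones, standing in for real samples.

```python
"""Health tests and debiasing a HRNG daemon would apply before feeding the kernel.

Added example; the cutoffs are illustrative and the sample source is constructed.
"""
import hashlib

REPETITION_CUTOFF = 34      # illustrative: a run this long means a stuck source
APT_WINDOW = 512            # adaptive proportion test window size
APT_CUTOFF = 410            # illustrative: first symbol seen this often => biased


def repetition_count_test(bits):
    """Fail if any symbol repeats REPETITION_CUTOFF or more times in a row."""
    run, prev = 0, None
    for b in bits:
        if b == prev:
            run += 1
            if run >= REPETITION_CUTOFF:
                return False
        else:
            prev, run = b, 1
    return True


def adaptive_proportion_test(bits):
    """Fail if, in any full window, the window's first symbol appears
    APT_CUTOFF or more times (a stuck-high or stuck-low tendency)."""
    for start in range(0, len(bits) - APT_WINDOW + 1, APT_WINDOW):
        window = bits[start:start + APT_WINDOW]
        if window.count(window[0]) >= APT_CUTOFF:
            return False
    return True


def von_neumann_debias(bits):
    """Read bits in pairs: 01 -> 0, 10 -> 1, 00 and 11 are discarded.
    Removes a constant bias at the cost of throwing away at least three
    quarters of the input, more as the source gets more biased."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)
    return out


def condition(raw_bits):
    """What the daemon does per block: health tests first, debias only if
    the block passes. Returns (accepted, reason, conditioned_bits)."""
    if not repetition_count_test(raw_bits):
        return False, "stuck source: repetition count test failed", []
    if not adaptive_proportion_test(raw_bits):
        return False, "biased source: adaptive proportion test failed", []
    return True, "ok", von_neumann_debias(raw_bits)


def proportion_ones(bits):
    return sum(bits) / len(bits) if bits else 0.0


def simulated_biased_source(n_bits, p_one=0.6, seed=b"diode"):
    """Constructed stand-in for sampling a noisy diode: a deterministic
    SHA-256 chain, each byte turned into a bit that is 1 with
    probability about p_one. Not a real hardware read."""
    bits, state, threshold = [], seed, int(p_one * 256)
    while len(bits) < n_bits:
        state = hashlib.sha256(state).digest()
        bits.extend(1 if byte < threshold else 0 for byte in state)
    return bits[:n_bits]


if __name__ == "__main__":
    # Dead device or broken driver feeding zeroes: must be rejected.
    print(condition([0] * 2048)[:2])
    # Diode stuck mostly high (90% ones): passes repetition, fails proportion.
    print(condition(([1] * 9 + [0]) * 200)[:2])
    # Mildly biased but live source: accepted, then debiased to ~50/50.
    raw = simulated_biased_source(4096)
    ok, reason, out = condition(raw)
    print(ok, reason, len(raw), round(proportion_ones(raw), 3),
          len(out), round(proportion_ones(out), 3))
```

Note that both health tests only detect gross failures; they say nothing about whether the source is actually unpredictable, which is why a daemon still mixes the conditioned bits into the kernel pool with a stated entropy credit rather than replacing the pool with them.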