[Pki-clean-room-devel] Entropy gathering

Sergey Matveev stargrave at stargrave.org
Fri Oct 6 09:05:50 UTC 2017


Greetings!

I have read the https://wiki.debian.org/OpenPGP/CleanRoomLiveEnvironment
page and discovered your project about PKI clean rooms. I am curious
what you think about entropy gathering sources.

As I understand, the computer in the clean room is not intended to
generate new keys -- so, ok, there is no need for entropy for that task.
The current OpenPGP version uses the PKCS #1 v1.5 RSA padding scheme,
which does not require entropy either. But ECC algorithms like ECDSA or
ECDH require it. It is crucial to have good random input during ECDSA
signature generation, because the private key will leak otherwise.

An air-gapped computer that does not save its state anywhere does not
have good entropy by definition. There is Intel RDRAND in modern x86
processors, but it is known to be a PRNG of unsatisfactory quality,
useful only as an addition to other sources.

I presume that entropy could and should be additionally provided to the
running air-gapped computer on media devices and fed into the
/dev/random pool (cat /mnt/additional_entropy > /dev/random). Also, when
the computer is going to shut down, its current pool state could be
saved on that media for future use.

What do you think about that subject?

-- 
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263  6422 AE1A 8109 E498 57EF
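
The seed-file procedure proposed in the message above, sketched as an
added example that is not part of the original post or of the PKI clean
room project. The function names, the RNG_SINK / RNG_SOURCE / SEED_BYTES
variables and the 512-byte seed size are assumptions.

```shell
#!/bin/sh
# Added example: seed file kept on removable media for a stateless host.
# Assumed names: RNG_SINK, RNG_SOURCE, SEED_BYTES, load_seed, save_seed.
RNG_SINK=${RNG_SINK:-/dev/random}      # where stored seed bytes are written
RNG_SOURCE=${RNG_SOURCE:-/dev/urandom} # where the next seed is read from
SEED_BYTES=${SEED_BYTES:-512}

# save_seed FILE: write SEED_BYTES fresh bytes to FILE (mode 0600),
# replacing the old content atomically via rename.
save_seed() {
    seed_file=$1
    tmp="$seed_file.new"
    rm -f "$tmp"
    ( umask 077
      dd if="$RNG_SOURCE" of="$tmp" bs="$SEED_BYTES" count=1 2>/dev/null
    ) || return 1
    # A short read would leave a weak seed behind; refuse it.
    if [ "$(wc -c < "$tmp")" -ne "$SEED_BYTES" ]; then
        rm -f "$tmp"
        return 1
    fi
    mv -f "$tmp" "$seed_file" && sync
}

# load_seed FILE: mix FILE into the kernel pool, then rotate it at once
# so the same bytes are never fed in on two boots (e.g. after a crash).
# Note: a plain write mixes the data in but does not raise the kernel's
# entropy estimate; crediting requires the RNDADDENTROPY ioctl as root.
load_seed() {
    seed_file=$1
    if [ ! -s "$seed_file" ]; then
        echo "load_seed: no seed at $seed_file" >&2
        return 1
    fi
    cat "$seed_file" > "$RNG_SINK" || return 1
    save_seed "$seed_file"
}
```

Call load_seed with the seed path on the mounted media early at boot and
save_seed with the same path just before shutdown.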