Sunday, May 24, 2015

Intro

For the impatient, source code is here. Nevertheless, reading this documentation is strongly encouraged.

Enranda is a true random number generator (TRNG) without any external hardware requirements. If that sounds like a contradiction in terms, recall that my previous such product, Jytter, was exactly that: a TRNG which produced cryptographically hard true random numbers using only the CPU timestamp counter (TSC) as a source of entropy, which can be read from unprivileged (userspace) apps under various modern operating systems (OSes).

But that was 2012. In the intervening 3 years, the generous and incredibly patient sponsorship of Tigerspike has allowed me to pursue, among other things, a much faster and cryptographically simpler TRNG. It is my hope that you will use this product to create better security products for all of us, so that we need not trust third-party black boxes ("trust-me-TRNGs") -- or even open source hardware, for that matter, which can suffer from poisoned electronic components at the time of manufacture.

Before getting into the details, you should understand some of the criticisms that have been leveled against Enranda. As with anything else in life, it's a tradeoff between convenience and security. It may or may not be suitable for your particular application. That's your decision and your responsibility to evaluate. Here is the thread on the Randombit cryptography mailing list.

Enranda's features are outlined below and thoroughly expounded in the documentation that follows.

1. Ultrahard (yes, we actually explain that!).

2. Roughly 4 megabytes per second on a commodity laptop.

3. Robust against mistaking autopseudorandomness for genuine physical entropy.

4. Employs realtime filtering of periodic signals which appear entropic but by definition have zero information content.

5. Originally developed for X86 and X64 architectures under Linux, MacOS, and Windows, but portable anywhere that the TSC or its equivalent can be read. (For example, search the source for ABSTIME, which is intended to support ARM but has not been tested.) See README.txt for a comprehensive summary of which environments have been tested.

Following is the table of contents for our comprehensive tutorial. You will find other articles posted to this blog from time to time, but here are the basics:
