Development issues regarding the cerowrt test router project
 help / color / mirror / Atom feed
* [Cerowrt-devel] hwrngs
@ 2014-02-02  4:11 Dave Taht
  2014-02-02 16:17 ` dpreed
  0 siblings, 1 reply; 4+ messages in thread
From: Dave Taht @ 2014-02-02  4:11 UTC (permalink / raw)
  To: cerowrt-devel

I am still quite irked by having to use /dev/urandom for important
tasks like dnssec key generation, and in wireless WPA. And like
others, distrust having only one source of random numbers in the mix.

I just ordered some of these

http://cryptotronix.com/2013/12/27/hashlet_random_tests/

Simultaneously while I was getting nsupdate dns working on cerowrt
from the yurt to the dynamic ipv6 stuff, my main dns server died, and
I decided
I'd move dns to a beaglebone black, so running across this hwrng made
me feel better about randomness on embedded systems.

I bought the last 5 Joshua had, sorry about that! I'd like to find something
that could run off the internal serial port on the wndr3800s... and
worth incorporating in future designs. (multiple vendors)

-- 
Dave Täht

Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Cerowrt-devel] hwrngs
  2014-02-02  4:11 [Cerowrt-devel] hwrngs Dave Taht
@ 2014-02-02 16:17 ` dpreed
  2014-02-02 16:25   ` Dave Taht
  0 siblings, 1 reply; 4+ messages in thread
From: dpreed @ 2014-02-02 16:17 UTC (permalink / raw)
  To: Dave Taht; +Cc: cerowrt-devel

[-- Attachment #1: Type: text/plain, Size: 1362 bytes --]


Any idea what the price will be in quantity?   The fact that it supports both BB black and RPi is great news for makers interested in authentication and security.
 


On Saturday, February 1, 2014 11:11pm, "Dave Taht" <dave.taht@gmail.com> said:



> I am still quite irked by having to use /dev/urandom for important
> tasks like dnssec key generation, and in wireless WPA. And like
> others, distrust having only one source of random numbers in the mix.
> 
> I just ordered some of these
> 
> http://cryptotronix.com/2013/12/27/hashlet_random_tests/
> 
> Simultaneously while I was getting nsupdate dns working on cerowrt
> from the yurt to the dynamic ipv6 stuff, my main dns server died, and
> I decided
> I'd move dns to a beaglebone black, so running across this hwrng made
> me feel better about randomness on embedded systems.
> 
> I bought the last 5 Joshua had, sorry about that! I'd like to find something
> that could run off the internal serial port on the wndr3800s... and
> worth incorporating in future designs. (multiple vendors)
> 
> --
> Dave Täht
> 
> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>

[-- Attachment #2: Type: text/html, Size: 1857 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Cerowrt-devel] hwrngs
  2014-02-02 16:17 ` dpreed
@ 2014-02-02 16:25   ` Dave Taht
  2014-02-02 16:45     ` dpreed
  0 siblings, 1 reply; 4+ messages in thread
From: Dave Taht @ 2014-02-02 16:25 UTC (permalink / raw)
  To: David Reed; +Cc: cerowrt-devel, Joshua Datko

On Sun, Feb 2, 2014 at 8:17 AM,  <dpreed@reed.com> wrote:
> Any idea what the price will be in quantity?

No. Pretty cheap, it's a very tiny board....

http://cryptotronix.com/2013/12/27/hashlet_random_tests/

I got a discount for 5, and he has a couple left...

> The fact that it supports
> both BB black and RPi is great news for makers interested in authentication
> and security.

yep.

It is open hardware also, with a schematic supplied, open source
driver (not a kernel driver yet), I was very happy to support this
project.

I have looked for usb equivalents, btw, and haven't found anything
inexpensive. And in the case of cero I'd wanted something that could
run
on the internal serial header...

I note that theoretically the BBB also has an on-cpu hwrng but
documentation on it from TI is lacking. Perhaps someone could lean on
TI to free that information up in the post-snowden era?

(my take on it is the more hwrngs the better, one from china, one from
russia, one from the USA...)

/me goes back to converting his dns/mail/vpn server over to a BBB....

>
>
>
>
>
> On Saturday, February 1, 2014 11:11pm, "Dave Taht" <dave.taht@gmail.com>
> said:
>
>> I am still quite irked by having to use /dev/urandom for important
>> tasks like dnssec key generation, and in wireless WPA. And like
>> others, distrust having only one source of random numbers in the mix.
>>
>> I just ordered some of these
>>
>> http://cryptotronix.com/2013/12/27/hashlet_random_tests/
>>
>> Simultaneously while I was getting nsupdate dns working on cerowrt
>> from the yurt to the dynamic ipv6 stuff, my main dns server died, and
>> I decided
>> I'd move dns to a beaglebone black, so running across this hwrng made
>> me feel better about randomness on embedded systems.
>>
>> I bought the last 5 Joshua had, sorry about that! I'd like to find
>> something
>> that could run off the internal serial port on the wndr3800s... and
>> worth incorporating in future designs. (multiple vendors)
>>
>> --
>> Dave Täht
>>
>> Fixing bufferbloat with cerowrt:
>> http://www.teklibre.com/cerowrt/subscribe.html
>> _______________________________________________
>> Cerowrt-devel mailing list
>> Cerowrt-devel@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>>



-- 
Dave Täht

Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [Cerowrt-devel] hwrngs
  2014-02-02 16:25   ` Dave Taht
@ 2014-02-02 16:45     ` dpreed
  0 siblings, 0 replies; 4+ messages in thread
From: dpreed @ 2014-02-02 16:45 UTC (permalink / raw)
  To: Dave Taht; +Cc: cerowrt-devel, Joshua Datko

[-- Attachment #1: Type: text/plain, Size: 2776 bytes --]


Ordered the RPi version (5 more in stock, if anyone wants one).  Thanks, Dave!
 


On Sunday, February 2, 2014 11:25am, "Dave Taht" <dave.taht@gmail.com> said:



> On Sun, Feb 2, 2014 at 8:17 AM,  <dpreed@reed.com> wrote:
> > Any idea what the price will be in quantity?
> 
> No. Pretty cheap, it's a very tiny board....
> 
> http://cryptotronix.com/2013/12/27/hashlet_random_tests/
> 
> I got a discount for 5, and he has a couple left...
> 
> > The fact that it supports
> > both BB black and RPi is great news for makers interested in authentication
> > and security.
> 
> yep.
> 
> It is open hardware also, with a schematic supplied, open source
> driver (not a kernel driver yet), I was very happy to support this
> project.
> 
> I have looked for usb equivalents, btw, and haven't found anything
> inexpensive. And in the case of cero I'd wanted something that could
> run
> on the internal serial header...
> 
> I note that theoretically the BBB also has an on-cpu hwrng but
> documentation on it from TI is lacking. Perhaps someone could lean on
> TI to free that information up in the post-snowden era?
> 
> (my take on it is the more hwrngs the better, one from china, one from
> russia, one from the USA...)
> 
> /me goes back to converting his dns/mail/vpn server over to a BBB....
> 
> >
> >
> >
> >
> >
> > On Saturday, February 1, 2014 11:11pm, "Dave Taht"
> <dave.taht@gmail.com>
> > said:
> >
> >> I am still quite irked by having to use /dev/urandom for important
> >> tasks like dnssec key generation, and in wireless WPA. And like
> >> others, distrust having only one source of random numbers in the mix.
> >>
> >> I just ordered some of these
> >>
> >> http://cryptotronix.com/2013/12/27/hashlet_random_tests/
> >>
> >> Simultaneously while I was getting nsupdate dns working on cerowrt
> >> from the yurt to the dynamic ipv6 stuff, my main dns server died, and
> >> I decided
> >> I'd move dns to a beaglebone black, so running across this hwrng made
> >> me feel better about randomness on embedded systems.
> >>
> >> I bought the last 5 Joshua had, sorry about that! I'd like to find
> >> something
> >> that could run off the internal serial port on the wndr3800s... and
> >> worth incorporating in future designs. (multiple vendors)
> >>
> >> --
> >> Dave Täht
> >>
> >> Fixing bufferbloat with cerowrt:
> >> http://www.teklibre.com/cerowrt/subscribe.html
> >> _______________________________________________
> >> Cerowrt-devel mailing list
> >> Cerowrt-devel@lists.bufferbloat.net
> >> https://lists.bufferbloat.net/listinfo/cerowrt-devel
> >>
> 
> 
> 
> --
> Dave Täht
> 
> Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
>

[-- Attachment #2: Type: text/html, Size: 3857 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2014-02-02 16:45 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-02-02  4:11 [Cerowrt-devel] hwrngs Dave Taht
2014-02-02 16:17 ` dpreed
2014-02-02 16:25   ` Dave Taht
2014-02-02 16:45     ` dpreed

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox