From c85eb2b4f71e5a189c027737a5a3c576c31ae684 Mon Sep 17 00:00:00 2001 From: Bdale Garbee Date: Tue, 28 Jul 2009 17:18:20 +0200 Subject: [PATCH] about the Simtec hardware random number generator --- .../posts/More_Entropy_is_Better_Entropy.mdwn | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 bdale/blog/posts/More_Entropy_is_Better_Entropy.mdwn diff --git a/bdale/blog/posts/More_Entropy_is_Better_Entropy.mdwn b/bdale/blog/posts/More_Entropy_is_Better_Entropy.mdwn new file mode 100644 index 0000000..0ec25a1 --- /dev/null +++ b/bdale/blog/posts/More_Entropy_is_Better_Entropy.mdwn @@ -0,0 +1,27 @@ +[[!tag tags/debian]] +[[!tag tags/crypto]] +As already reported, while at [Debconf9](http://debconf9.debconf.org/) this +week, I succumbed to peer pressure, and have generated a new 4096-bit RSA +key. Doing this was made substantially more pleasant (and certainly a bit +more amusing!) by the fact that I was loaned a prototype of the new Simtec +[Entropy Key](http://www.entropykey.co.uk/) to play with. + +Can't wait until they're in production and available for sale... + +Basically, it's "just" a very high quality hardware random number generator +that sits on a USB interface. Associated with this is a small GPL'ed daemon +that gets loaded along with some udev configuration (all in a Debian package +in my case), such that any time you plug it in, your system available entropy +goes way up and stays up until you unplug it. It really is that easy! My +new 4096-bit GPG key generated without perceptable delay, while the one my +daughter made at the same time on her similar notebook required lots of +mouse wiggling and I/O traffic generation to accumulate enough bits. A +dramatic difference, to say the least! + +Anything that needs lots of random bits for generating things like session +keys will clearly benefit from a device like this. Some systems have other +hardware sources of random numbers, but I was impressed by the attention to +detail the guys have put into this little widget, and the work they've done +to make it integrate so well with Debian. + +Very cool. -- 2.30.2