Message boards : Number crunching : Usable Sources of Entropy/Chaos/Random in research need expanding - here are the ideas
Message board moderation

To post messages, you must log in.

AuthorMessage
QuantumHelos
Avatar

Send message
Joined: 30 Apr 17
Posts: 8
Credit: 64,583
RAC: 0
Message 2198 - Posted: 3 May 2017, 22:14:54 UTC

RNG and the random web - Haveged / RNGTools - Chaos - Crypto - Science of Hardware & Computer Driver


****
*preface* what is the difference between chaos and entropy ?

Chaos is an issue of confusion .... of logic that spirals unpredictably out of control ....
sometimes exciting, sometimes bad ... confusing, exciting .... lacking perfect definition.

Order/logic go hand in hand in the digital age....

Entropy is the disordered but ordered by average breakdown of the system onto a form that statistically meets the requirement that : (all sums eventually average to zero as much as possible)

ergo statistically : Chaos and Order/Logic both exist
---------------------------------------------------
entropy ...

*

Entropy or preferably random plays a very important role in science and the internet...
Security and Research both need this.

But most commonly they lack drivers ..

https://en.wikipedia.org/wiki/Comparison_of_hardware_random_number_generators

Phone & PC Random/Seed/Entropy is a problem so making an app like ubuntu's entropy seeding app,
With high quality random would be a life saver to the phone user,
In addition the RND Crng Trng or NRNG could use AES to magnify the pool ... or blow-fish etcetera !

For non rooted phones a device a RNG device installed; if RNG device impossible to install then other noise source ..
For the Phone/PC/Mac/Server OS.

*Driver Function and utilisation* (Copyright Rupert S)

Multiple sources of entropy and the hashing of that combined and injected though AES hardware
is not included.. in applications on Phone, Windows, Mac etcetera..

the use of a Hardware Encrypted cache saved to drive .. for example :

1mb of RNG data that has not been used to add to the boot source & durring low ebbs in Entropy data,
To be refreshed depending on the recording media..
& additional pre AES/Blowfish/Encryption mode; processed data in ram.

(4mb is larg enough to use but small enough for 256mb ram devices.)

Fortunately this is 4 weeks development at most.

So kernel inclusion of the driver base is a must

With the main tool being protected space; With distribution to user of AES; blowfish etcetera, hashed and expanded data

NX DEP protected data contained securely,

you can seed the data and remix that with new data..

mixed data is the strongest and surely the least predicable of the lot since despite using algorithms the output is clearly unpredictable.

Entropy SIM and SSD cards are an option & can contain an actual memory array flash combo to be super fast;
but economical.

(Copyright Rupert S)

*****

For a windows/phone RNG device .... i have been thinking !

You could modify the driver and make your own to take data from the RNG devices on the comports & obviousy PCI etcetera..
Commonly on the Linux system entropy/RNG/Random drivers are in the kernel but are most commonly not configured properly;
These are the problems we need to fix & fix well..

Entropy SIM and SSD cards are an option & can contain an actual memory array flash combo to be super fast;
but economical.

Haveged exists on linux but not on mac or windows.... (The characteristics of Haveged are not necessarily guaranteed to have all the chaos that we need.)
However haveged is one option that combined with AES,Blowfish Random Expansion can help with Entropy issues !

Haveged is not the only solution and furthermore TRNG/CRNG need optimization ....
To Increase security and to provide true crypto/Rand function.

Haveged provides a viable additional source of entropy ....
Preferably not as the only source,
However haveged is a product that produces results,

We surely need in Random Bit starved computers and mobile markets ....

Yes the CPU/GPU configured so can obviously create logical and not so perfectly entropic results,
However we have to ask ourselves do we need random filled with a viable source available to all ?
The answer is obvious yes.

Haveged produces a data far superior to just the user input...
Furthermore the tasks running on the computer and or within the system improve the output...

As the necessity to use haveged increases;
Most likely the user will be running more tasks that need to use it ! and hence there will be better results and more of them.

yes a true TRNG is a state of peace in the true security advocates heart but there is always room for an improved haveged..
both on windows, on mac and other operating systems.

(copyright : Rupert S)

http://www.issihosts.com/haveged/index.html

https://www.irisa.fr/caps/projects/hipsor/

https://fedoraproject.org/wiki/Windows_Virtio_Drivers

viorng/: Virtio RNG driver

Seems a simple and elegant solution that would allow for the use of RNG data and would allow other devices of the same type to work well !
This would be a service to all and allow research sharing,
The driver is open source.


https://github.com/YanVugenfirer/kvm-guest-drivers-windows/blob/master/viorng/viorng/viorng.inf

https://fatminmin.com/blog/install-win10-with-virtio.html

https://pve.proxmox.com/wiki/Windows_VirtIO_Drivers

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/sect-Guest_virtual_machine_device_configuration-Random_number_generator_device.html

Other device drivers could also be made not just for virtual machines...

RS

Other tools and functions to call to make the C/N/T/RNG ... Functional - please read all !

*well thought out analysis of the entropy system care of getnetrandom & Wisconsin university*

http://pages.cs.wisc.edu/~swift/papers/oakland14-rng.pdf

*online entropy fetch with Client for windows and linux servers and soon android*

https://www.getnetrandom.com/#howitworks

https://www.getnetrandom.com/quickstart-guide.pdf

http://whitewoodsecurity.com/products/entropy-engine/

*RNG SDK links*

https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.sdk5.v12.0.0%2Fgroup__nrf__drv__rng.html

https://developer.nordicsemi.com/nRF5_SDK/nRF51_SDK_v8.x.x/doc/8.0.0/s110/html/a00790.html#details

* windows driver implimentation*

https://stackoverflow.com/questions/22150896/is-it-possible-to-add-entropy-from-a-hardware-rng-to-the-windows-cryptoapi

https://www.microsoft.com/en-us/download/details.aspx?id=30688 Cryptographic Provider Development Kit

https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/efi-rng-service-binding-protocol

https://msdn.microsoft.com/en-us/library/windows/desktop/aa379942(v=vs.85).aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/aa380252(v=vs.85).aspx#key_generation_and_exchange_functions

https://msdn.microsoft.com/en-us/library/windows/hardware/ff553181(v=vs.85).aspx

*SSL information*

https://wiki.openssl.org/index.php/Random_Numbers

https://wiki.openssl.org/index.php/Random_fork-safety

*T/C/RNG Providers*

http://whitewoodsecurity.com/products/entropy-engine/

http://moonbaseotago.com/onerng/

http://ubld.it

http://qrng.anu.edu.au/index.php

(c)RS

*****

Q & A (Copyright Rupert S etc)

"how can you ensure that a particular kernel driver runs before other system processes?
for example doesn't ASLR run way before anything else?"

the boot kernel drivers boot before the os with the network driver
(for secure network driver loading for server sessions)
keep a cache of rnd data and bingo
secured boot with high chaos maintenance

"to make USB tpm/dongle devices and boot is secure and the os is safe from intrusion (low priced preferably)"

the driver has to have a verified certificate

"everything makes sense here the details of boot kernel driver vs regular kernel module."

Microsoft and Redhat kernel drivers need certification on servers and generic OS implementation
go directly to them and register your certificate.

Get involved in the RNG Tools project and the kernel development for Linux,windows & mac,

Also android kernel is based on the Linux kernel but implemented though open source development and deviation from Linux source.

"What's your feeling on RNG Tools in general, and from the point of view of it being an optional component people have to consciously seek out and add in vs. being a "built in" part of a standard distribution?"

Personally i believe in RNGTools and the usage is a must!

Multiple sources of entropy and the hashing of that combined and injected though AES hardware
is not included..

Fortunately this is 4 weeks development at most.

So kernel inclusion of the driver base is a must (with the main tool being n protected space with distribution to user of AES; blowfish etcetera, hashed and expanded data


(c)RS
******
http://esa-space.blogspot.com/

boinc optimization > http://esa-space.blogspot.rs/2017/04/boinc.html

T/C/RNG/Entropy Drivers and sources > http://esa-space.blogspot.ru/2017/04/rng-and-random-web.html
ID: 2198 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Krzysztof Piszczek - wspieram ...
Project administrator
Project developer
Project tester
Avatar

Send message
Joined: 4 Feb 15
Posts: 847
Credit: 144,180,465
RAC: 0
Message 2205 - Posted: 4 May 2017, 0:47:44 UTC - in response to Message 2198.  

Can you stop spam forum?
If not, I will delete all your posts...
Krzysztof 'krzyszp' Piszczek

Member of Radioactive@Home team
My Patreon profile
Universe@Home on YT
ID: 2205 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
QuantumHelos
Avatar

Send message
Joined: 30 Apr 17
Posts: 8
Credit: 64,583
RAC: 0
Message 2206 - Posted: 4 May 2017, 10:45:55 UTC - in response to Message 2205.  

sorry a couple of posts because i got excited about the project and it's difficulties ....

i seriously want this project to work & there should be more input...

thanks and all
ID: 2206 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote

Message boards : Number crunching : Usable Sources of Entropy/Chaos/Random in research need expanding - here are the ideas




Copyright © 2024 Copernicus Astronomical Centre of the Polish Academy of Sciences
Project server and website managed by Krzysztof 'krzyszp' Piszczek