That makes it difficult to attack all 32 banks in a reasonable amount of time. Look into the Fortuna PRNG, which uses 32 banks, each one updated half as often as the one before it. This is why you want to keep some entropy around long-term, using EEPROM, SD, etc. You should not output numbers until you know it's safe to do so, even at the cost of speed. Another common attack simply unplugging the unit thus dumping all the accumulated entropy. Same with blasting RFI towards the analogRead() inputs. If heating the board causes a certain max clock jitter, that's an attack vector. You want to collect at least 8 samples of input for each chunk of output, ideally much more. unsigned long bank then later bank+= thisSample is good it will roll-over. It's easier to guess a coin flip than a bucket of coins. The last thing you want to do is spit out entropy as is comes along. esp8266 HWRNG - RANDOM_REG32 -extremely fast and unpredictable, a 1-stop.esp8266 timing (the background wifi tasks make scheduled micros() fetches indeterminate).esp8266 wifi hotspot scan (ssid, db, etc).clock jitter (low-bandwidth, but usable).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |