“We cannot trust� Intel and Via’s chip-based crypto, FreeBSD developers say

http://arstechnica.com/security/2013...evelopers-say/
Developers of the FreeBSD operating system will no longer allow users to
trust processors manufactured by Intel and Via Technologies as the sole
source of random numbers needed to generate cryptographic keys that can't
easily be cracked by government spies and other adversaries.

.... the NSA and its British counterpart defeat encryption technologies by
working with chipmakers to insert backdoors, or cryptographic weaknesses, in
their products.

Posting from Windows Live. Who could have guessed...

--
"geoff" nospam nospam.com wrote:

X-Received: by 10.236.92.202 with SMTP id j50mr2159463yhf.26.1387006625141; Fri, 13 Dec 2013 23:37:05 -0800 (PST)
Path: eternal-september.org!news.eternal-september.org!feeder.eternal-september.org!goblin3!goblin.stu.neva.ru!news.ripc o.com!news.glorb.com!p15no25532308qaj.0!news-out.google.com!9ni10175qaf.0!nntp.google.com!Xl.ta gs.giganews.com!border1.nntp.dca.giganews.com!nntp .giganews.com!local2.nntp.dca.giganews.com!nntp.ea rthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Sat, 14 Dec 2013 01:37:04 -0600
From: "geoff" nospam nospam.com
Newsgroups: alt.comp.hardware.pc-homebuilt
Subject: =?utf-8?Q?=E2=80=9CWe_cannot_trust=E2=80=9D_Intel_and_Vi a=E2=80=99?= =?utf-8?Q?s_chip-based_crypto=2C_FreeBSD_dev?= =?utf-8?Q?elopers_say?=
Date: Sat, 14 Dec 2013 02:37:11 -0500
MIME-Version: 1.0
X-Priority: 3
X-MSMail-Priority: Normal
Importance: Normal
X-Newsreader: Microsoft Windows Live Mail 16.4.3505.912
X-MimeOLE: Produced By Microsoft MimeOLE V16.4.3505.912
Message-ID: ZLWdnZOi9pY8lzHPnZ2dnUVZ_tOdnZ2d earthlink.com
Lines: 10
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 206.53.108.2
X-Trace: sv3-PiJpoFDf8xcyJ/Ntxaj29pXNVIDBtw3LNcyl+N1BrHvm8MPzOzQbiokCNoItAN4a IjF4pJ0S6CJ698X!wGwdsC05KRx/BiN7QAg9jpDQhJGJcgSOt4SZ3H6jm54MGA06fhQIvPEguAmXZB TFOfGd3V2/MQbW!BtDkAaGi6AlW5pW1FINchV81eDZZ4I0=
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 1839
Content-Type: text/plain; format=flowed; charset="utf-8"; reply-type=original
Content-Transfer-Encoding: 7bit
Xref: news.eternal-september.org alt.comp.hardware.pc-homebuilt:29010

http://arstechnica.com/security/2013...evelopers-say/
Developers of the FreeBSD operating system will no longer allow users to
trust processors manufactured by Intel and Via Technologies as the sole
source of random numbers needed to generate cryptographic keys that can't
easily be cracked by government spies and other adversaries.

... the NSA and its British counterpart defeat encryption technologies by
working with chipmakers to insert backdoors, or cryptographic weaknesses, in
their products.

geoff wrote:
http://arstechnica.com/security/2013...evelopers-say/

Developers of the FreeBSD operating system will no longer allow users to
trust processors manufactured by Intel and Via Technologies as the sole
source of random numbers needed to generate cryptographic keys that can't
easily be cracked by government spies and other adversaries.

... the NSA and its British counterpart defeat encryption technologies by
working with chipmakers to insert backdoors, or cryptographic
weaknesses, in
their products.


FreeBSD comes with fuzzy dice now, to generate the random numbers.

*******

I can see all the FreeBSD users running out, and buying these.

http://www.idquantique.com/index.php...w=article&id=9

"PCI board - random stream of 4Mbits/sec and 16Mbits/sec"

That should keep them busy.

Paul

http://www.idquantique.com/index.php...w=article&id=9
Since it says:
'Compliance Testing Laboratory (Bangor, UK),'

.... no thanks. There are three things to do, build your own quantum RNG,
use the one provided in HW but XOR the bits with random data, move backwards
to a pseudo RNG.

The real problem is the NSA wants 'insecure security' (insecure so it can
collect data, but 100% secure for everyone else), which is an oxymoron.

geoff wrote:
http://www.idquantique.com/index.php...w=article&id=9
Since it says:
'Compliance Testing Laboratory (Bangor, UK),'

... no thanks. There are three things to do, build your own quantum
RNG, use the one provided in HW but XOR the bits with random data, move
backwards to a pseudo RNG.

The real problem is the NSA wants 'insecure security' (insecure so it
can collect data, but 100% secure for everyone else), which is an oxymoron.



You can make your own.

http://en.wikipedia.org/wiki/Random_...ysical_methods

"Sources of entropy include radioactive decay, thermal noise,
shot noise, avalanche noise in Zener diodes, clock drift,
the timing of actual movements of a hard disk read/write head,
and radio noise. However, physical phenomena and tools used to
measure them generally feature asymmetries and systematic biases
that make their outcomes not uniformly random."

I also like the mention of lava lamps in that article,
as a source of randomness. Groovy.

Paul

On Sunday, 15 December 2013 14:45:26 UTC+8, geoff wrote:
http://www.idquantique.com/index.php...w=article&id=9


The real problem is the NSA wants 'insecure security' (insecure so it can

collect data, but 100% secure for everyone else), which is an oxymoron.

Can you remember back in the days of CRT monitors, that you could not buy
one with full electromagnetic shielding?
Because to the NSA/GCHQ/Mossad the noise generated by a CRT was as good as
a TV transmitter, and they could reconstruct what was on your screen.

On 20/12/2013 3:22 AM, wrote:
On Sunday, 15 December 2013 14:45:26 UTC+8, geoff wrote:
http://www.idquantique.com/index.php...w=article&id=9


The real problem is the NSA wants 'insecure security' (insecure so it can

collect data, but 100% secure for everyone else), which is an oxymoron.

Can you remember back in the days of CRT monitors, that you could not buy
one with full electromagnetic shielding?
Because to the NSA/GCHQ/Mossad the noise generated by a CRT was as good as
a TV transmitter, and they could reconstruct what was on your screen.

That's why you had to put your monitor into a Faraday cage.

Yousuf Khan

Yousuf Khan wrote:
On 20/12/2013 3:22 AM, wrote:
On Sunday, 15 December 2013 14:45:26 UTC+8, geoff wrote:
http://www.idquantique.com/index.php...w=article&id=9



The real problem is the NSA wants 'insecure security' (insecure so it
can

collect data, but 100% secure for everyone else), which is an oxymoron.

Can you remember back in the days of CRT monitors, that you could not buy
one with full electromagnetic shielding?
Because to the NSA/GCHQ/Mossad the noise generated by a CRT was as
good as
a TV transmitter, and they could reconstruct what was on your screen.

That's why you had to put your monitor into a Faraday cage.

Yousuf Khan


Wikipedia has a picture of a home-made one. This would be
similar to a commercial one with copper screening and copper
flats, only cobbled together by grad students.

https://upload.wikimedia.org/wikiped...raday_cage.jpg

I think it comes with a complementary tin foil hat :-)

Paul

Can you remember back in the days of CRT monitors, that you could not buy
one with full electromagnetic shielding?
Because to the NSA/GCHQ/Mossad the noise generated by a CRT was as
good as a TV transmitter, and they could reconstruct what was on your
screen.

Yep, it's called 'Van Eck phreaking'.
http://en.wikipedia.org/wiki/Van_Eck_phreaking

'60 Minutes' had a show about it decades ago and Tech TV showed it in the
90s or early 2000s.

On 21/12/2013 12:41 PM, geoff wrote:
Can you remember back in the days of CRT monitors, that you could not buy
one with full electromagnetic shielding?
Because to the NSA/GCHQ/Mossad the noise generated by a CRT was as
good as a TV transmitter, and they could reconstruct what was on your
screen.

Yep, it's called 'Van Eck phreaking'.
http://en.wikipedia.org/wiki/Van_Eck_phreaking

'60 Minutes' had a show about it decades ago and Tech TV showed it in
the 90s or early 2000s.

It looks like modern LCD monitors are no less vulnerable to this
eavesdropping, according to the link above.

Yousuf Khan