Although the term is appropriate and is used in the field, the phrase „random numbers” can be misleading. To many people, it suggests random number generator functions in the math libraries which come with one’s compiler. Such generator functions are insecure and to be avoided for cryptographic purposes. What one needs for cryptography is values which can not be guessed by an adversary any more easily than by trying all possibilities [that is, „brute force”]. One needs random bits (or values) for several cryptographic purposes, but the two most common are the generation of cryptographic keys (or passwords) and the blinding of values in certain protocols.

The Entropy Key, or eKey, is a small, unobtrusive and easily installed USB stick that generates high-quality random numbers, or entropy, which can improve the performance, security and reliability of servers. It can also be used with scientific, gambling and lottery applications, or anywhere where good random numbers are needed.

The eKey contains two high-quality quantum noise generators, and an ARM Cortex CPU that actively measures, checks and confirms all generated random numbers, before encrypting them and sending them to the server. It also actively detects attempts to corrupt or sway the device. It aims towards FIPS-140-2 Level 3 compliance with some elements of Level 4, including tamper-evidence, tamper-proofing, role-based authentication, and environmental attacks. If it detects that one of its two generators has failed, may be about to fail, or if it detects a physical attack, it will automatically shut down.

Simtec Electronics eKey

Tagged as: cryptography, encryption, entropy, privacy, security | Author: Martin Leyrer
[Sonntag, 20090830, 11:46 | permanent link | 0 Kommentar(e)