Understanding and Managing Entropy Usage

by Bruce Potter, Sasha Wood
Sept. 19, 2017 | Black Hat | belen_caty | Encryption & Authentication

This talk aims to shine light on the core concerns of entropy creation and entropy utilization. We have analyzed a wide variety of systems, including different versions of the Linux and FreeBSD kernels, OpenSSL, OpenSSH, OpenVPN, and other crypto systems, and documented their requirements for random numbers and the amount of entropy they need to function correctly. The team will also present findings on entropy consumption for a variety of TLS modes, including the impact of perfect forward secrecy (PFS). We will also present an analysis of the quality and quantity of entropy sources available on common desktop, laptop, server, and mobile hardware. Finally, the team will release the first version of our open source software, libentropy, which provides a unified interface for OpenSSL to manage sources of entropy and report the status of entropy creation and utilization.


Irina Alexandra Negrii 4 months, 1 week ago

This paper highlights some truly surprising discrepancies between what people think is happening and how it really works.