FreeBSD Developers Will Not Trust Chip-Based Encryption

New submitter srobert writes "An article at Ars Technica explains how, following stories of NSA leaks, FreeBSD developers will not rely solely on Intel's or Via's chip-based random number generators for /dev/random values. The values will first be seeded through another randomization algorithm known as 'Yarrow.' The changes are effective with the upcoming FreeBSD 10.0 (for which the first of three planned release candidates became available last week)."

Very Smart Move

They have every reason NOT to trust the chips. Trust, but verify is always the correct way.

Re:Very Smart Move

[Billly+Gates]

You know 6 months ago such a comment would be modded -1 and this story would have the foot icon for humor.

My have things changed. Microsoft was not that bad DRM monster we feared 12 years ago. First it turned out to be Apple in which we cheered them 10 years ago here on /.

But both companies fail far in comparison to the US government and this is something I would not have imagined in my wildest nightmares.

Re:Very Smart Move

What? Don't be silly, these chips are all so perfectly safe and perfectly usable for things like encrypting communications

.oO(wait, that was too subtle, nobody will get my funny joke)

for us... *ahem* your customers!

.oO(wow, i'm really funny and sarcastic. just add a little more so nobody can't possibly miss it)

You're such a worrywart!

Signed, um...

.oO(ba-dumm tsss - i guess i will need to explain my next awesome joke too, by using boldface - otherwise nobody might get the subtle NSA reference)

Mr. Norman Samuel Ayers

.oO(well, i guess my humor is just too sophisticated, people will probaly miss it despite me repeatedly explaining my jokes. so let me just inb4 this)

(/me starts a tally of wooshes)

Re:Very Smart Move

[lgw]

The RNG threat is particularly bad, because it looks like only one person would need to be in the know to sabotage the RNG on silicon, and it would bypass any review process, and it would be very hard to detect by observation of the RNG (assuming it still had, say, 32 bits of entropy).

Re:Very Smart Move

[PopeRatzo]

Are there black helicopters flying over your bedroom collecting your thoughts?

Why would they need black helicopters to fly over your bedroom when they can just get them directly from your email?

Is the US Government doing it?

You know they are.

Are other governments?

Not the free ones.

Re:Very Smart Move

[Em+Adespoton]

Are there black helicopters flying over your bedroom collecting your thoughts?

Why would they need black helicopters to fly over your bedroom when they can just get them directly from your email?

Is the US Government doing it?

You know they are.

Are other governments?

Not the free ones.

True governance comes at a price. Always.

Re:Very Smart Move

With a surname that's a homophone of "stallin'" I'm guessing this individual was a Java programmer

Re:Very Smart Move

[celle]

"Trust, but verify"

        If you feel you have to verify then you don't trust them. It was bullshit when Reagan said it and it still is.

Re:Very Smart Move

I take it you didn't even actually read what he said, then.

Linus Torvalds responds:

Where do I start a petition to raise the IQ and kernel knowledge of people?

Guys, go read drivers/char/random.c. Then, learn about cryptography. Finally, come back here and admit to the world that you were wrong.

Short answer: we actually know what we are doing. You don't.

Long answer: we use rdrand as _one_ of many inputs into the random pool, and we use it as a way to _improve_ that random pool. So even if rdrand were to be back-doored by the NSA, our use of rdrand actually improves the quality of the random numbers you get from /dev/random.

Really short answer: you're ignorant.

TL;DR: Linux was NOT trusting chips and doing a variant of what FreeBSD plans to do now since quite a bit before.

Makes sense ...

[MacTO]

One of the features of open source software is that the code, thus the algorithms, can be examined by a third party. In the case of chips, this is very difficult to do. Most people are stuck trusting that the designer implemented the algorithm they said they did, and that they implemented it properly (the former implying no malice and the latter implying competence). That is particularly true for something like random number generators, which are intended to be non-deterministic as far as the software is concerned so any testing the implementation can only be done statistically. Very few people have the ability to examine the physical design of the chip to check the actual implementation.

Is there any way to gain trust in a chip?

[Jeremi]

Just out of curiosity: Given a "black box" implementation of a random number generator, is it possible to test its output sufficiently to gain some faith in its proper randomness?

Seeing as such a piece of hardware need not (and hopefully would not) have any inputs, only an output, it's hard to imagine how someone might hide (and later trigger) a back-door mechanism that could change its behavior post-testing. (But I'm sure there is some way to do it that I'm not thinking of ;))

Re:Is there any way to gain trust in a chip?

Black box? No. Even if testing proved it was absolutely random for the first N numbers, there is no way to be certain that N+1 is not the first of a string of non-random numbers.

But it's not necessary to make it a black box. Physical systems take well known phenomena and use them to to generate random numbers. http://en.wikipedia.org/wiki/Random_number_generation#Physical_methods Done this way, you can make a "transparent box" that performs great and is trustworthy.

Re:Is there any way to gain trust in a chip?

Ok, I'll take a shot, here's two of them for you:

1: Chip outputs the digits of pi starting at some crazy number of decimal places out that only the NSA has had enough hours on the supercomputer to find. Your chip now puts out data that you cannot distinguish from random, but that the NSA can perfectly predict. They go to their giant database of all of your internet traffic ever, and can now read whatever they would like, as all of your keys are now utterly, hopelessly broken.

2: Chip internally stores the last n random numbers that it has output. Later, the NSA can confiscate your computer, subject the chip to some undocumented state that causes it to barf up its secrets, and again all your keys are now utterly, hopelessly broken.

Re:Is there any way to gain trust in a chip?

[tippe]

Really? I just did this:

$ cat /dev/random | xxd | head -n 10
0000000: 414c 4c59 4f55 5242 4153 4541 5245 4245 ALLYOURBASEAREBE
0000010: 4c4f 4e47 544f 5553 5448 414e 4b53 4652 LONGTOUSTHANKSFR
0000020: 4f4d 5448 454e 5341 414c 4c59 4f55 5242 OMTHENSAALLYOURB
0000030: 4153 4541 5245 4245 4c4f 4e47 544f 5553 ASEAREBELONGTOUS
0000040: 5448 414e 4b53 4652 4f4d 5448 454e 5341 THANKSFROMTHENSA
0000050: 414c 4c59 4f55 5242 4153 4541 5245 4245 ALLYOURBASEAREBE
0000060: 4c4f 4e47 544f 5553 5448 414e 4b53 4652 LONGTOUSTHANKSFR
0000070: 4f4d 5448 454e 5341 414c 4c59 4f55 5242 OMTHENSAALLYOURB
0000080: 4153 4541 5245 4245 4c4f 4e47 544f 5553 ASEAREBELONGTOUS
0000090: 5448 414e 4b53 4652 4f4d 5448 454e 5341 THANKSFROMTHENSA

Maybe there's a pattern there; I'm not sure. I guess that's the problem with randomness: you can never be sure.

Re:Is there any way to gain trust in a chip?

[AHuxley]

Re 'output sufficiently to gain some faith in its proper randomness".
Back when cypher machines where unique physical devices sold to gov for embassy use the US and UK had two options:
Set their own device standard with Tempest to leak the plain text. Such a unit would pass all "proper" crypto testing as it was a real crypto unit. The plain text was leaking out as entered or printed and could be collected.
The great aspect was "trust" form the end user and the message was "safe" for sending.
The other option was to get to staff or set up a front company to sell junk weakened encryption at a low price or via a trusted brand in a 'neutral' country.
The low price would make any real commercial crypto efforts fail and set international standards to what junk brands where 'trusted' 'safe' and been used.
When countries started the read leaked fragments of their encypted communications in the press - that was the time never to trust 'hardware'.
After Snowden users can think back - you can have all the crypto post-testing you want as the US branded OS or tame telco or junk hardware/software is set for collecting all your keystrokes...
The same tricks seem like crypto magic to every generation of academics. The problem is anyone could have followed the methods via the press in the ~1960-70-80-90's.

Re:Is there any way to gain trust in a chip?

[gnasher719]

Just out of curiosity: Given a "black box" implementation of a random number generator, is it possible to test its output sufficiently to gain some faith in its proper randomness?

Short answer: No.

Long answer: There is "statistical randomness" and "cryptographical randomness". "Statistical randomness" tells you whether a random number generator can be used reasonably to simulate random physical phenomena. "Cryptographical randomness" means that it is impossible to predict the next random number if you know the mechanism that produces the random numbers, and the previous sequence of random numbers. Statistical randomness can be tested. For example, if you calculate three random numbers a, b and c, there are six possible ways how they could be ordered, and each possible ordering should be equally likely. Cryptographical randomness cannot be tested.

Re:Is there any way to gain trust in a chip?

All of this can be conveniently calculated by this tool, and neither of this will help you to distinguish actual randomness from a result of cryptographic algorithm working on extremely predictable input.

For example, here's what it says about 32M of random bytes:
Entropy = 7.999994 bits per byte.

Optimum compression would reduce the size
of this 33554432 byte file by 0 percent.

Chi square distribution for 33554432 samples is 257.80, and randomly
would exceed this value 43.91 percent of the times.

Arithmetic mean value of data bytes is 127.4968 (127.5 = random).
Monte Carlo value for Pi is 3.140698143 (error 0.03 percent).
Serial correlation coefficient is 0.000015 (totally uncorrelated = 0.0).

And here's what it says about 32 megabytes generated by SHA-256 hashing of 'Intel Intel Intel Intel Intel' concatenated with a 24 bit counter:
Entropy = 7.999994 bits per byte.

Optimum compression would reduce the size
of this 33554432 byte file by 0 percent.

Chi square distribution for 33554432 samples is 269.79, and randomly
would exceed this value 25.08 percent of the times.

Arithmetic mean value of data bytes is 127.4839 (127.5 = random).
Monte Carlo value for Pi is 3.141798922 (error 0.01 percent).
Serial correlation coefficient is 0.000266 (totally uncorrelated = 0.0).

See how different the results look?.. Oh, wait, they don't :(

For comparison, here's results for 32MB of simply ('Intel Intel Intel Intel Intel' concatenated with a 24 bit counter):
Entropy = 3.465109 bits per byte.

Optimum compression would reduce the size
of this 33554432 byte file by 56 percent.

Chi square distribution for 33554432 samples is 1153826816.00, and randomly
would exceed this value less than 0.01 percent of the times.

Arithmetic mean value of data bytes is 91.5781 (127.5 = random).
Monte Carlo value for Pi is 3.948254105 (error 25.68 percent).
Serial correlation coefficient is 0.079051 (totally uncorrelated = 0.0).

Re:Is there any way to gain trust in a chip?

[melikamp]

Just out of curiosity: Given a "black box" implementation of a random number generator, is it possible to test its output sufficiently to gain some faith in its proper randomness?

gnasher719 gave a nice answer, and I just want to add more. For statistical purposes, a true and fair RNG printing a string of zeroes and ones would at the very least print a normal number, and to test for that, one would have to count the frequencies of substrings of every length, in every base, which of course can be done, but may get expensive if one wants a lot of confidence.

What gnasher719 calls cryptographical randomness cannot be tested in practice, but in theory, one can run the countable set of all computer programs in parallel, and see whether they can predict the digits of the RNG sequence with probability better than 1/2. Of course, this is completely intractable in the foreseeable future, with or without functional quantum computers.

Re:Is there any way to gain trust in a chip?

[ras]

Given a "black box" implementation of a random number generator, is it possible to test its output sufficiently to gain some faith in its proper randomness?

The answer is an outright no.

The thing that crypto depends on isn't that a stream of random numbers appears to be random. It is that the next number is utterly unpredictable. No one, not even the person who generated it, will know what it will be. This means if it is used as a key to protected some data, no one can predict what that key will be.

One of ways every cryptographic cipher or hash is checked is to verify its output is indistinguishable from random data. If it isn't there is a weakness in the cipher or hash. So the output from any good cipher or hash will always appear to be completely random according to any test we can devise. But - the output is also completely predictable.

So all NSA need to do in their black box is start with a predictable key or salt (the time would be fine), push it through a cipher or hash and output something which by appears completely random. If the random number is used to as 128 bits AES key it will appear file to any test the user can generate. But say they use a 1us tick to generate the time, and the NSA knows to say within 10 minutes when the key was generated, then they will only have to brute force against 1 billion keys (in other words that 128 bit key only has 30 bits of entropy). This is trivial to do.

QED, the answer is emphatically no - there is no way to test if a black box is generating truly random numbers. Every black box must be treated as untrustworthy - which is exactly what BSD, Linux and I hope everybody else does.

Re:Wise

[Minwee]

Every time an OpenBSD system needs a random number, instead of trusting any hardware device, it phones home and asks Theo to provide one.

Re: what's that going to accomplish?

https://www.schneier.com/yarrow-qa.html

your ignorance is unjustifiable

Re:what's that going to accomplish?

[houstonbofh]

Because true random in software is computationally expensive. Adding a layer of obfuscation on top of the untrusted hardware gives you a better random cheaply, and avoids potential back-doors in the hardware generator.

Re:Wise

[maxwell+demon]

I think it phones to this place. However some developers don't trust that random number generator and instead opt for this implementation.

nine nine nine...

[jakedata]

http://dilbert.com/strips/comic/2001-10-25/

That's the problem with randomness, you can never be sure.

Re:what's that going to accomplish?

[Billly+Gates]

Not to mention insecure too.

There are only so many milliseconds on the clock to use on the seed. Even if you use the mic statistically silence or a clicking sound will be heard for 90% of the users so that makes that seed bad too. Network? At home there is little traffic and even at work there are the same patterns from Cisco and HP for 80% of the packets.

SGI had some interesting encryption methods that dealt with quantam mechanics on their servers and workstations. Man I miss them.

FYI, Linux did this 18 months ago

[swillden]

One of the first things Ted Ts'o did when he took back maintainership of /dev/random in Linux was to stop depending solely on the hardware RNG.

https://plus.google.com/117091380454742934025/posts/SDcoemc9V3J?e

Re:FYI, Linux did this 18 months ago

[swillden]

Hmm. I thought slashdot would automatically linkify that. https://plus.google.com/117091380454742934025/posts/SDcoemc9V3J?e.

Re:Wise

[Thud457]

random numbers tend to be treated almost as a religious argument rather than a technical one.

Hail Eris!

TRNG using discrete components?

[QuasiSteve]

Given that it's stated that you can't trust a chip's encryption routines, which at the basis means that you don't trust its random number generator, and given that 'a chip' extends down from the latest Intel to a relatively lowly PIC, is anybody aware of an actually available TRNG (true/hardware random number generator) built out of discrete components?

Comments to a Bruce Schneier post titled "Surreptitiously Tampering with Computer Chips" once suggested this would be the only way to 1. be certain* of no tampering and 2. have reasonably sufficient output bandwidth to be used in practical applications.

However, I haven't seen any actual implementation. My Google-fu may be failing me, though.

* Barring some pretty sweet shenanigans like those pulled by Henryk Gasperowicz; [Spoiler video](https://www.youtube.com/watch?v=-KMLmpC7-Ls). I can't see manufacturers including any crypto-defeatery bits into a basic transistor thinking that it just might possibly be used in an actual crypto application, and eat the cost somehow.

Re:what's that going to accomplish?

[X0563511]

Yarrow is hardly vague.

Re:what's that going to accomplish?

[Billly+Gates]

you just...answered why it wouldn't work. If that much garbage is actually coming into the conditioned power, it will kill the system in very little time.

You know I had a problem with BSOD occuring frequently in a large call center.

Turns out hte problem was the big UPS for the whole floor spiked things and the power strips always tried to smooth things. Over a period of time the soldier would crack and burst due to the UPS doing hard rectangular patterns rather than waves when it alternated back and forth.

Real power from the wall was cleaner than the UPS for the power strips.

Re:Wise

[Carnildo]

According to the OpenBSD link, OpenBSD uses the Intel and Via random-number generators, but not as the sole source of randomness. The nice thing about mixing random number generators is that if you do it right (like OpenBSD does), the result is at least as random as the most random source: a bad RNG does not reduce the overall quality of randomness.

Re: what's that going to accomplish?

[mlts]

What is needed is are seed inputs. When a key is hit, get a super-accurate clock sample of it, hash it with MD5 [1], and toss it in the pool. Mouse movements, similar. If the computer is idle, this won't help much, but while it is in use, it should help provide enough unpredictable data to be up to par for security purposes. I'm sure there are other inputs that can be hashed over time and the hashed bits tossed in. Of course, the RNG from the chip can be easily tossed in as well. The good thing is that the most random factor "wins" in this case.

[1]: MD5 has its issues, but it is being used in this case as a bit blender, so hash collisions can happen, and not really matter. It would be wise to move to a newer algorithm like SHA-1024 or SHA-3, for more bits though.

Re:Entropy source

[mrchaotica]

A webcam with the lens cap on works for that kind of thing. (I'd link to lavarnd.org, but it is mysteriously down...)

Re:Entropy source

[semi-extrinsic]

I would mod you up if I wasn't out of points.
And I too think lavarnd.org being down at this moment in time is semi-spooky.

Re: what's that going to accomplish?

[TheRaven64]

It is quite unlikely that the hardware RNG is compromised. It is, however, quite likely (and there have been experiments to show this for some RNG implementations) that it doesn't give as much entropy as advertised.

The big problem is that it's very hard to get good entropy early on in the boot process (when things like TCP sequence numbers and sometimes when SSH server keys are initially generated). You can use a hash of the kernel, but that's shared between other machines with the same kernel. You can use the time, but that's likely known to the attacker (and in some embedded systems will always be the same on every boot, until it queries an external source and corrects it). You can use interrupt times, but the ones from the disk / flash are likely to be similar, if not the same, across boots of the same kernel and the early network ones are susceptible to attack by people on the local network.

The hardware RNG definitely gives you some entropy, and so using it to stir the pool for Yarrow helps a lot here. Later on, there is a lot more entropy. As you start to get disk access patterns based on system use and network connections from a variety of sources, interrupt times give quite a lot of entropy. It still helps to mix in the hardware RNG, however.

As I said in another post, it's quite unlikely that the hardware is intentionally compromised (although it's a nice attack, so I wouldn't guarantee that future versions won't be), but it's very likely that it provides less entropy than advertised. This makes it fine for input into a PRNG like Yarrow of Fortuna (I think Fortuna made it into FreeBSD 10, if not it should be in 10.1), but not adequate for general use. The point of a PRNG algorithm like Yarrow is to generate an unpredictable sequence of numbers from some source entropy seed, which can change over time. As long as you have enough entropy, you will get a cryptographically secure sequence of pseudo-random numbers. All this work is doing is saying 'we trust the hardware to give us some entropy, but we don't trust it to give us all of the entropy that we need'.

Re:Weird stance.

[TheRaven64]

Trust in a random number generator is not a binary thing. All of the current hardware RNG implementations produce some entropy. The question is how much entropy you trust them to produce. If it gives 256 bits of entropy, then you can just use it as your random number source and be done with it. One that produces 16 bits of entropy is very useful as one (but not the sole) source to an algorithm like Yarrow of Fortuna, but would be a disaster if you used it as the random number generator without such an algorithm in the middle.