Entropy at Black Hat 2015

At Black Hat USA 2015, I gave a briefing on entropy use and management in the Linux kernel, along with Bruce Potter, CTO of KEYW Corporation.

You need random numbers to do many things on modern computers. For instance, all the cryptography that secures your web transactions is powered by random numbers. This cryptography means that only Amazon can use your credit card details and that only you can tell your bank to transfer money out of your account. But random numbers are hard to come by on a computer. Computers are, by nature, pretty deterministic machines.

You can generate mostly random numbers by things like measuring temperature very accurately and looking only at the last decimal place, which fluctuates a lot. Or measuring the RF radiation passing by, and again, looking only at the last decimal place. Your computer generates mostly random numbers by looking at the time that various things happen – you press a key on the keyboard, a packet arrives on the network – and looking only at the last decimal place of the time that that even happen.

Continue reading “Entropy at Black Hat 2015”