Read random bytes from Gnuk potentially frequently without destroying the card

NIIBE Yutaka gniibe at fsij.org
Tue Nov 29 08:18:27 CET 2022


Damien Goutte-Gattat wrote:
> In the specific case of the Gnuk token, the GET CHALLENGE command is
> implemented using the same logic as the one used in NeuG [2]. I have not
> looked in details how NeuG works, but given that it is specifically intended
> as a random number generator, I’d say it’s safe to assume than using it as
> intended cannot ”destroy the token”. :)

No, it never destroy the token.  So, for Gnuk Token, use it freely.

> # RANDOM <nbytes>
> # 
> # Get NBYTES of random from the card and send them back as data.
> # This usually involves EEPROM write on the card and thus excessive
> # use of this command may destroy the card.

I didn't know this help text.  I think that it's specific to Zeitcontrol
card.

For Gnuk on STM32F103 (not the emulation version), it runs ADC (Analogue
to Digital Converter) for randomness.  It never destroy anything.

While intended usage of ADC is measurement of some analog input, we use
ADC to get noise (in theory, each sample has 0.5-bit of information,
nobody knows).
-- 



More information about the Gnupg-users mailing list