Questions about reliability...

Simon Burnet simbur at yahoo.com
Sun Mar 11 23:44:21 GMT 2012


Hi,

I've read the web site regarding these USB keys, although if there's a searchable history of this mailing list, I didn't find it so please forgive me if I am covering well-trodden ground.

Firstly I'd like to say that I'm impressed with the design. Pumping entropy into /dev/random (and, given how Linux works, urandom too) is a lot better than having to write an interface library for each application. It's good that I (as a programmer) wouldn't have to re-invent the wheel several times to get this key working. I have a few questions regarding reliability of these keys however.

1. If they're being kept "near to breakdown", does this mean they have a significant failure rate? What's the MTBF of these keys? (That's how I read this page as a software engineer! I understand cryptography and entropy generation, but not electronics. If this isn't how it should be read, then I'd urge a note to that page!)

2. They are tested for their randomness and a "lock out" occurs if they fail this test. However after setting off the reliability alarm bell again, the information about the exact details of this lock out was a little sketchy. How permanent is this (for example, is it reset if the key detects that the randomness has returned, or if the key is unplugged and then re-inserted), and could you please give a bit more statistical information about the probability of this occurring during real world use (re-assure me please ;-). The reason I ask is that, for applications generating random numbers constantly, the chances of rolling a jackpot twice in a row is low, but given enough attempts, it'll happen at some point. (see the "infinite monkeys" theorum, or just by pure Sod's Law "if it's bad it'll happen, regardless of the odds, and I know who'll get the blame and have to fix it...").

3. Also, do these keys generate much heat during use, and are they suitable for use in a hot environment (such as stuck into the back of a Dell 1U server in a rack full of servers + whole bunches of cables to keep it nice and cozy -- AC has limited use at the back of such racks, as I'm sure you can appreciate)?

Many thanks in advance,

- Simon.




More information about the EntropyKey-users mailing list