High Assurance Randomness is a Standard of Due Care for Crypto
netRandom by Whitewood is the best way to ensure access to high-quality true random numbers across distributed applications. With a client-server model, netRandom distributes true entropy from a quantum source to properly seed random number generation across data centers and networked devices (a similar concept to network time protocol (NTP) for ensuring access to consistent date/time).
netRandom supplements existing local entropy sources within Linux and Windows instances to enable the generation of true random numbers that applications access in the normal way through existing RNG commands such as /dev/random in Linux and CNG in Windows.
Access to the remote netRandom entropy source is provided by a small software agent installed on each target server, VM instance or device. Each netRandom Client requests entropy in the form of random data blocks from the netRandom server using a secure network protocol to address the threat of eavesdropping and man-in-the-middle attacks.
The result is consistent and reliable access to high-quality entropy across potentially large populations of client instances, improving and normalizing the ability to generate strong cryptographic keys in distributed environments without modifying applications.
Share the Power of Great Entropy
netRandom addresses the threat of entropy starvation across legacy applications and virtualized environments:
- Deployed as cloud service or private data center infrastructure
- Works with existing applications
- Supports Linux and Windows environments
- Supplements existing entropy sources for added security
- Secure network delivery to prevent eavesdropping
- Quantum-powered entropy source – Whitewood Entropy EngineTM
- Comprehensive monitoring and reporting
- Complies with NIST SP 800-90 A/B/C (draft)
Change the Way you Think About Random Number Generation
Random number generation has long been considered a local issue. Individual computers capture real-world entropy as best they can, create random numbers, and provide them to local applications. The quality of random number generation is dependent on the hardware platform and the local environment. In today’s distributed and often outsourced IT environments this leads to uncertainty and inconsistency, both of which reduce overall confidence that crypto systems are providing the appropriate level of security.
Five Reasons to Take Action
- Virtualization – the hypervisor can isolate the applications that need randomness from the hardware that normally provides it. netRandom provides high-quality entropy directly to the OS and applications creating the flexibility to migrate from dedicated servers to virtualized and cloud-based environments with confidence.
- DevOps and Agile Deployment – keeping track of which applications require access to true random numbers and validating their access to entropy is impossible. netRandom delivers high-quality entropy across the entire application environment ensuring that security critical application instances always have access to true random numbers.
- Crypto-migration – best practices for cryptography is never static. Algorithms are replaced, key lengths are increased and key management becomes more scrutinized. The requirements for quality and quantity of random numbers are constantly increasing and should form part of every data center technology roadmap.
- Internet of Things – security critical applications increasingly run on IoT platforms and need to be secure. But most devices lack the ability to capture true entropy or the power to generate true random numbers. The sheer scale of the IoT creates millions of points of attack and true randomness is the difference between an isolated vulnerability and an epidemic.
- Standards and Compliance – randomness testing for entropy sources has been treated as an academic exercise for decades while enterprise systems are forced to rely on an ever-changing set of open source tools and utilities to boost entropy capabilities. The arrival of new NIST standards and incorporation into certification schemes such as FIPS 140 will help bring control and consistency.