Entropy as a Service – A scheme, implementation, experience (G11c)
Cryptography is facing new challenges with new technologies such as IoT, Cloud, Quantum Cryptography etc. As the number of secure connections are exponentially increasing, key generation, strength of keys are becoming a complex issue. As per NIST about 0.75% of TLS certificates share keys! Obviously entropy is the problem. Fine statistical tests are insufficient. So, delivering high quality entropy from a provably good clients has become an enticing option. The result is “Entropy as a Service (EaaS)”. This presentation will discuss an example architecture, protocol, and experiences of an implementation. It will also cover attacks that are considered during the architecture/protocol design.