 Hello everyone. Thank you for coming. I'm introducing Nibbe with his talk about more entropy, please Hi Today's topic is more entropy, please the title says all and And during this conference our family Doing a promotion of more entropy, please so so please call us about the game and I Will explain in this talk I am I Explained the promotion of more entropy, please the game and and I will explain the its philosophy and the product and Before explanation of the game I I Because I don't have enough time. I I Explain a bit of it's philosophy that these days people cares about the encryption after the Snowden incident two years ago, but we To to for better encryption. We need good randomness. That's the point so Yes, I think that people deserve to control their own computing and I think that the most of the people in this room understand this philosophy and But unfortunately backdoors and the software vulnerabilities are so common these days and the Surveillance must see if surveillance is very difficult to avoid from the viewpoint of the just a user so our Our fight is using encryption and we have a those project let's Encrypt or FSF has a page email self-defense and we encourage and we we We are we work very hard for the project like a gun up easy toe or otr but the the important point is that for encryption key key is important literally and the key includes static key or or the pair of a public key and the private key or Session key or nonce or etc. And Those keys should be random London here means no one can control or guess its generation Yes that and In to summarize people deserve to control their own computing and Because we use more encryption these days More randomness makes sense. So and In the center of computing for freedom, we have a single point we need random number generation which no one can control and the There he is a promotion for No one's control of the random number generation. We have a product Yes, and for do it yourself hackers for electronics These days I recommend this board educational evaluation board or from SD Michael, I think that it's something like a 10-year-old and By 10 you all you get to London number generators actually because we have a dongle and another target board. Yes and then and If it's so big for you My business Selling the smaller smaller one if we want and then this is This comes with a transparent Tube because the transparency is very important for us Yes, so so Here comes the first part the Our game to promote the the concept more entropy, please the I Wrote a story in my my web page and there I insist that the more entropy is required in this context entropy means a randomness and The game I I am currently introducing the interesting math game called multi-hole problem and It is a described like this, but I Quoted quoted from the Malillian's website, but I think that My own explanation would be better the In this game we have a For a five play five people Host today, it's me Utaka and there are three doors My family, please Yes Each each person represent a door a single door Toy this is a door and Hiroshi is my son and Are you me is my daughter? Yes Yes He's somehow so shy and Now and we have a player Yukiharu Yabuki also from Japan and we have a three doors and the player and I am a host and Game goes like this Host Host select I Have to explain the door behind the door. We have a car or Sheep or goat I Think that we Japanese don't have a good distinction between sheep and goat Yes, and I select the car and And And the randomness is very important here to shuffle And behind behind the Door we have a car and the purpose of the player is to get to win the car and And The second is that I ask player the initial choice of him so Which door do you sell do you choose Yabuki son? That's an initial choice He's Hiroshi my son and then I Host I open another door other than other than Hiroshi and the witch is Has a goat please open Yes, then The number five I asked player the final choice Stick or switch. I mean that I Keep the he's first choice or Switch he's Don't please don't Sorry, sorry, sorry and I asked a second choice I I asked Yabuki son for the final choice Which you change your note your decision You stick your first choice then I Host open the door of the final choice Please open the door Hiroshi Get in McKellen Okay, the player lose Yes, that's the game and the and The there are possible strategy of player the The initial choice is random then always stick the initial choice or always change the The first choice or there are many we could Consider many variant of the strategy but and the the How randomness is important in this game is that the Host me should be fair and I Should avoid some attacks against side channel attack side channel attack is very easy to explain Yabuki can sneak sneakly That this is a side channel attack That I should prevent those kind of side channel attack and And another important point is that It should be constant time my computation time to decide With how to which door Open how to say my computation time to decide the Opening door should be constant time to because the clever player could Observe my behavior To answer the final choice Yes This is a just a metaphor In many Software implementation like like gu no PG We we the developer of those software should care those things constant time computation and Randomness yes and the and The point of this lesson is that to be fair for fair host This means that the good software for encryption Landowners is so important and even if it's not used directly or it appears It will not need it. We actually need More randomness so My point is that more entropy, please yeah, and So in this promotion in this week our family playing this game and if you win the winner get a Japanese candy So please Join this game. Please call us to join this game during this conference that's our presentation and we have a Seven minutes or so question and answer time Thank you Yabuki-san and my family and let me again Explain the he is the Japanese DB and developer Yuki Haru Yabuki and my family my wife Hitoe and the My son he's a social he lossy And I you me my lovely daughter Thank you very much. So Do you have any question? Yes The USB device that you showed Earlier. Yes. Is the firmware on that open? Yes, sure Yes, the it's very good question. It's not only the firmware which is free For this product the PCB design is as a free design and I I did my best to It should be my opinion is that those kinds of the hardware should be reproducible by anyone and It should be transparent like that like that Hey, I was very worried about this problem a few days ago because I generated new keys Yes to bring to this conference. I didn't have a device So I went looking online for better ways to feed dev random And I found that there is not a centralized location to explain. Yeah, what types of demons You can use and what their drawbacks and advantages are Have those of you that want more entropy, which I would like to have more entropy Have you thought about trying to consolidate? I ended up using random sound, which is a demon that's in bebe in That will read off the microphone to add to dev random and on the web page I found the video one that will take pictures and do that So I added those to my entropy pool to make it better But I would love to have had a tutorial on all your ways. I can improve my entry. Yeah. Yes So is anyone working on that? I Don't think so unfortunately, but your question is a very good one and then In general, it would be easier to use have aged demon H a v Ed and that's a The entropy source is a computation itself that the CPU it uses randomness of the Other norm no control Ability of the CPU itself to get entropy and it is easy to just up to get have HD Yes, that's a easier one But if you if you control your own computer, it's not the VPS or something like that in that in that case, I I would recommend that one but and Those kinds of the hardware is is superior because the Have HD depends on this the CPU manufacturer and If we use this kit we are It is a kind of a abuse, you know, this is a educational evaluation kit the semiconductor manufacturer the vendor Don't expect such a usage So it would be no backdoor by the semiconductor vendor but It is highly likely that the famous CPU by Intel or something like that It would be the target to to yes by the someone Yes, so you should have those Kinds of the many random sources. Yes, that's my recommendation, but I don't know that Any good reference tutorial about that it should be available and I would like to Do some improvement in this area. Thank you for your question. I Just wanted to say that one of the really big risks of asking a question like that at a big conference Is that you have a large number of witnesses to you volunteering to write that documentation? So thank you for doing that So the last word is happy hacking and let's play more entropy please game. Yes. Thank you very much Honestly, seriously, please join our family